clicked on the vulnerability report and hurriedly scanned it, Zhang Lan's brows jumped. Pen, fun, and www.biquge.info

"Will the 'Athlon II. Processor' reboot five times in a row cause a logic error vulnerability?"

Wang Lei stretched his head over and almost put it on his shoulder, "It's another strange leak...... Not right......"

Before he finished speaking, he had already seen the detailed analysis below, and his expression changed suddenly.

"Can I get into the processor's System Management Mode (SMM) and install a rootkit?" Zhang Lan, who looked at it carefully, also became serious on his face, "How is it possible?" Is it possible for the security mechanism to be breached? ”

"But isn't it mentioned here?" After the Athlon II. processor's continuous reboot, some logical branches will have processing errors or do not work properly, which can temporarily bypass the monitoring ...... of security software"

Where can Wang Lei still sit still, he hurriedly got up and ran outside, "I'm going to ask for a computer with an Athlon-II processor, and I'll try ......it later."

"Hmm!"

Zhang Lan replied without looking back, and his brows were already pimple.

"Able to bypass security mechanisms and go directly into SMM to install rootkits? What kind of mid-level vulnerability is this, and is it a high-risk vulnerability at all? ”

kept muttering in his heart, to be honest, he didn't believe this vulnerability report.

Especially after seeing the words written in the remarks column at the back, Zhang Lan even wondered if someone was using his own loopholes to report the auditors!

It's no wonder that he thinks so, because Zhang Lan and the others have really met such boring people in the past year.

wrote some bizarre test steps, and finally the staff on their side couldn't find the so-called loophole after repeated tests step by step, and then according to the contact information left by the whistleblower, they couldn't find anyone, and it was not clear that they had been tricked!

clicked on the browser and entered the contact number of the other party in the search bar, although for the protection of citizen information, the service provider did not expose any information about the contact, but after confirming that this phone number did exist, Zhang Lan's suspicion in his heart was somewhat lightened.

After going back and reading the report carefully, his fingers couldn't help but tap unconsciously on the desktop: "The computer only needs five consecutive restarts to confirm the authenticity, it shouldn't be a joke......

As he was muttering, he suddenly heard a rush of footsteps from behind him.

was affected to think, Zhang Lan suddenly became a little annoyed, thinking that Wang Lei was back, so he turned his face angrily and was about to break his mouth a few words: "Can you be light...... Uh, Director Lin, why are you here too......"

Seeing several people walking into the office with Wang Lei, who was holding a main chassis in his arms, especially after recognizing who the middle-aged man with a cup of instant noodles was, Zhang Lan couldn't help but stand up and bow slightly.

This middle-aged man's name is Lin Rong, and he may not have a good reputation in China, but no one in the Taihe Core Company dares to underestimate him.

Because Lin Rong, who is just 45 years old this year, was the only Chinese senior inspector of the international processor giant Intel, and participated in the testing of more than a dozen Intel processors.

Nine years ago, when Taihexin's 'Athlon series' was still under development, it took a lot of money to dig him up.

It has to be said that this is a smart step.

Lin Rong's arrival not only brought strict testing standards from international giants to Taihe Core, but also personally cultivated a group of testing teams with international first-class level, and in the past few years, he has found nearly 100 vulnerabilities ranging from high to low for Taicore's star product, the Athlon, series.

It can be said that although Lin Rong is not the designer of the 'Athlon series' processor, the honor of a 'soul man' will definitely not be able to run away.

Although Zhang Lan's position is a loophole report auditor, he and Wang Lei are both soldiers brought out by Lin Rong, and they are directly under Lin Rong's inspection team, so as soon as he saw who was coming, he hurriedly put back the impatience that reached his throat.

Lin Rong waved his hand, "You guys are busy with you, I've been working for half a day, I'm about to eat a bowl of noodles and rest, when I saw this kid coming to the testing team to ask for a computer, I came over to take a look!" ”

Tai Core has not received a vulnerability report for a while, although this is an encouragement to their products, but no one will think that Tai Core can really be perfect, otherwise it would not be the same as IBM, Intel, AMD processor giants, spent a lot of money to set up a professional testing team, but they are worried that the design is not rigorous enough, leaving loopholes.

But after all, Lin Rong couldn't help but squeeze to the computer with a cup of noodles, pushed his glasses and looked at the vulnerability report letter that was still open on Zhang Lan's computer, his face quickly became serious, "Can you enter the SMM and install a rootkit?" This is a high-risk vulnerability......"

Although the vulnerabilities of processors are different, if you really want to divide them, they are nothing more than 'hardware and software'.

Hardware-based vulnerabilities generally refer to some unreasonable architectures in the design process of the processor, so some of the vulnerabilities will affect the life of the processor, some will affect the energy consumption, and more serious may be discovered by hackers and steal control of the computer.

Basically, most of the hardware vulnerabilities involved are high-risk, but the cost of redesign is generally too high, and most of them are barely plugged by releasing firmware patches after they are discovered.

Software-based vulnerabilities refer to various problems in the processor's built-in system or driver, except for a very few vulnerabilities involving logic and security mechanisms, which are generally minor functional defects, regardless of whether it has much impact.

Based on Lin Rong's experience, he naturally only read the analysis, and immediately understood that this was a rare high-risk vulnerability among software-based vulnerabilities.

Zhang Lan responded: "Yes, if this vulnerability really exists, it is indeed a high-risk vulnerability!" ”

Lin Rong nodded, and he didn't have the heart to eat noodles, so he put the cup of noodles in his hand on Wang Lei's desk next to him, and immediately arranged it, "Go, connect this host, let's test it!" ”

"Great!"

Not to mention that Zhang Lan and Wang Lei were there, and there were several staff members of the testing team who came with him.

It's not tiring to work with a lot of people, a few people, you pull out the power and I will remove the threads, and soon replace the idle computer host next to it, and then start testing.

"Turn it on......"

Lin Rong took out a timer from his pocket and pressed it.

Xu was because he took a newly purchased computer main chassis, and it only took 18 seconds to boot it up for the first time.

When the operation interface was buffered, Zhang Lan chose to restart from the left start bar without Lin Rong's reminder.

After going back and forth like this a few times, the office couldn't help but discuss: "Is it true, I always feel that this loophole is too child's play, right?" ”

"It's just that the computer needs to be restarted continuously to appear, how boring it is to do this, not afraid of hurting the computer!"

"Maybe it's boring again!"

"It's a possibility, and we've not encountered all kinds of weird loopholes before!"

Lin Rong smiled and interjected, and did not stop everyone from breaking their mouths on the side, "What's more, this is the fourth restart, whether the loophole is true or not, you will know right away!" ”

The computer industry should be the most humanized industry to manage, because most practitioners are highly educated, and the income is not low, and everyone relies on technology to eat, especially a technical team like them, there is no clear hierarchy.

With the fifth reboot of the computer, a group of people couldn't help but squeeze forward.

Lin Rong stood at the front even more relentlessly, stretching out his head and almost pressing on Zhang Lan's shoulder.

In front of me, the computer with the 'Athlon II. processor' was almost brand new, and the process bar of the operating system was walking and suddenly there was a freeze.

"Huh......"

Lin Rong's face straightened, he glanced at the stopwatch in his hand, and put it in his pocket after pressing it.

A subtle change in the moment made the few technicians huddled in the small office aware of the problem.

"Xiao Li, go and move two feature phones!"

"I'll go!"

A stocky young man ran out with another young man next to him, and a few minutes later the two returned with two feature phones that were significantly thicker than most laptops on the market.

"Hands and feet are sharp, tension, you operate the detection software; Bangs, you go run the attack program! ”

Lin Rong was anxiously directing on the side, and in the few minutes that the two of them went to set up the feature phone, the computer was still restarting continuously.

What everyone didn't expect was that this computer equipped with the 'Athlon II. processor' really had a lag on the process page of the operating system every time it was rebooted since the fifth reboot.

Based on the experience of everyone, I am afraid that as the vulnerability reporter said, there is a deeply hidden vulnerability in the processor that the detection team has not discovered.

"Feature Phone Boot ......"

"Data Cable Parallel ......"

"Detection Software Running ......"

"Attacker Runs ......"

"Ready to restart, let's try as the whistleblower said, and see if we can bypass the security mechanism and enter the SMM ......"

Lines of control code kept beating on the feature phones, and as the computer equipped with the 'Athlon II. processor' that was connected to the two feature phones in parallel with the data cables restarted, there was a freeze, and a red alert suddenly appeared on one of the feature phones.

"GMD has captured DGH-0719-8370 ......and is not working," shouted the man in glasses named Tension, who was in charge of a feature machine.

Before his words even fell, another fat man next to him shouted excitedly: "The security mechanism has really been bypassed, I entered SMM and am installing a rootkit!"

Rootkit is a special type of malware that hides itself and specified files, processes, and network links from the installation target, and is generally used in combination with malicious programs such as Trojans and backdoors.

The loophole turns out to really exist!

Lin Rong's body trembled slightly, and after a moment of trance, he suddenly turned his gaze to the vulnerability report letter on Zhang Lan's work computer desktop next to him.

"There are three more vulnerabilities...... One of them is likely to be an architectural flaw for the whole series...... If it's all true......"

In an instant, his face changed drastically!