So...
"Exploiting the bug would probably require physical access to affected systems, a fair amount of skill and not a little luck in locating a vulnerable box."
Hardly worth mentioning then.
Intel has warned that some of its motherboards contain a flaw in their BIOS setup that creates a privilege escalation vulnerability. As a result of the security bug, users already logged in as administrators could change code running in System Management Mode. SMM is a privileged operating environment that operates outside of …
"...and not a little luck in locating a vulnerable box..."
In a world where corporates buy these things in batches of thousands and roll them out to whole sites at once, there will be some ripe targets out there. You can guarantee that most will never get their BIOS updated. A little basic social engineering is all it would take to find one.
Watch this space.
As happens every year around this time, security gets a lot of attention... Blackhat, Defcon, and some vendors, like Intel, fessing up to coding errors and airing their own laundry. Although very different to the Blackhat presentation in terms of the flaw, this is increasing our awareness of how the growing sophistication of BIOSes and related technologies (Asus ExpressGate, etc) could compromise a system. All OS level software would consider these bits a rootkit merely because of their hidden/lower-level nature. The more concerning one disclosed by Core Security has more information available from our blog (without the hype.) http://www.sophos.com/blogs/sophoslabs/v/post/5716
Chet Wisniewski
@chetwisniewski (twitter)
www.sophos.com
I'm not sure the open saucer community is ready to deal with BIOS level issues yet - they've still got so many internal issues to work out (vanishing project leaders, no focused growth or support plans, etc...)
Besides, as pointed out in the article, BIOS level weaknesses are extremely rare so why bother messing around with them?