Security researchers believe that the cyber attackers could adapt the existing Rowhammer exploits to their attack techniques and easily gain root privileges to the computer.
The team claims this to be the first remote software-induced hardware fault attack.
The downside here is that it is a hardware flaw and not a software flaw, thus it could be present in any computer which has the Intel Processor built since 2009.
The next bad news is that hackers can exploit this flaw through any webpage.
Researchers say that there is a design defect in the Intel’s ‘Dynamic Random Access Memory’ or DRAM chips which provides an easy access to the malicious hackers who are just waiting for the right opportunity to attack the user and collect their personal credentials.
The security researchers say that memory cells in DRAM chips are placed closely, this is done to increase the capacity and decrease the size. However it is this particular placing of the memory cells which leads to the vulnerability, because it becomes difficult to prevent the cells from electrically interacting with each other and repeated access of specific memory locations results in bit flips which can be exploited by the hackers for privilege escalation.
Next, hackers amalgamate the animations or images with their malware and just wait patiently for the user to click this file. Once user clicks the malicious animation or image, the crooks get an easy access to their computer.
The team of security researchers comprising of Daniel Gruss Graz from University of Technology, Austria, Cl´ementine Maurice Technicolor, Rennes, France and Stefan Mangard Graz University of Technology, Austria have published a detailed Proof-of-Concept on the Rowhammer bug which can be accessed here.
Now, Windows as well as Mac computers use Intel chips, which means any computer holds the risk of getting infected by the hackers at any point of time.
Another bad news is that there is no patch, as of now, to fix this issue!
Researchers say that the flaw is not related to the Web server or search engine; however it is something to do with the hardware and internal parts of the computer. Hence, the only solution for now would be to actually replace millions of DRAM chips which are present in the CPU of the computer.
Hopefully, Intel is working to get some solution to this issue soon.
For now, Apple and other hardware manufacturers have released BIOS updates to reduce the Rowhammer attacks.
However, it is a fact that most of the users never update the BIOS and hence the security experts have advised the browser vendors to incorporate certain mechanisms in their products which will protect users against the Rowhammer attacks.