Experts spotted two undocumented x86 instructions in Intel CPU that can be exploited to take control

Dmitry Skylarov and Marl Ermolov of the Positive Technologies research team revealed the finding of two never documented before x86 instructions on Intel processors that could allow threat actors to take full control of the microarchitecture, modifying the control bus access code without going through a signature verification process.

According to the report, activating these unreleased instructions requires the processor to be in Red Unlock mode. It should be remembered that Intel developers use activating this processor mode to debug their internal components, so this mode is not enabled by default; however, some processors are affected by security flaws that could allow arbitrary activation.

Through his Twitter account, Ermolov mentioned: “These instructions are decoded in all modes, even in user mode, although Red Unlock mode allows interaction with them. We’ll reveal more details shortly.”

Specialists add that these instructions allow you to control the central processor and eventually the system at the architecture and microcode level without having to go through a number of protection measures. These instructions work exactly on modern Atom processors, but may also be present on other Intel processors.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.