First, Intel offered a software fix for users of Pentium III systems who want to deactivate the chip's controversial ID feature. Then, hackers figured out how to disable the fix and crash PIII systems. Now, Symantec's AntiVirus Research Center has designed protection for Intel's software.
Programmers at Zero-Knowledge Systems wrote an ActiveX program that bypasses Intel's Pentium serial number control utility, creates a digital imprint of the user's serial number, and crashes their system. They wanted to show that Intel's software patch is insufficient, says a company representative.
Concerned Symantec customers can download the new detection and elimination software using LiveUpdate or by accessing Symantec's weekly virus definitions hosted on its Web site.
"This exploit is a proof-of-concept that deploys a little Trojan Horse onto a user's system before Intel's serial number control utility can disable the PIII's embedded serial number," says Carey Nachenberg, the chief researcher with the Symantec AntiVirus Research Center.
"But users shouldn't worry," Nachenberg adds, noting the program has not been widely exploited. The threat of litigation and the general lack of anonymity on the Internet "should help to keep it that way".
Symantec and other developers are "enjoying the fact that a lot of people are trying to hack into the Wintel desktop," says Rob Enderle, analyst with Giga Information Group. "It's an ongoing disaster experience".
Zero-Knowledge Systems, an Internet privacy company, created the program to show consumers potential security threats by placing the user's serial number in a cookie file.
"Our research shows that Intel's patch can actually leak out your serial number, even when it tells you that you're safe," said Austin Hill, president of Zero-Knowledge Systems, in an earlier announcement outlining the company's motivations for creating the program.