SMM Rootkit limitations (and how to defeat it :-))

Today (I mean meanwhile :-)) at Blackhat US 2008, Shawn Embleton and Sherri Sparks presented their research on the Clear Hat Consulting SMM Rootkit.

* The first and main limitation concerns the D_LCK bit. BIOS vendors have been setting this bit for a few years now (maybe two or three), starting shortly after Loic Duflot's first lecture on SMM. It means that "new computers" are not vulnerable to this. Sherri highlighted this limitation during her talk. BTW, a friend had already pointed this limitation out to me earlier.

* The second point I'm going to talk about is how to defeat the SMM Rootkit without any external tools or any programming/hardware knowledge.

The main notable point regarding the SMM rootkit is that SMRAM can only be accessed while D_LCK is 0: with D_LCK clear, ring-0 code can set D_OPEN in the chipset's SMRAMC register and map SMRAM into the normal address space. If D_LCK was 0 when the rootkit installed itself, the rootkit then sets D_LCK to 1 to block any further access to SMRAM, including from the kernel.
From then on, the Windows kernel cannot access it. Yeah, and?
This means that if you hibernate the infected system, the saved hibernation file contains a clean memory snapshot, because the infected SMRAM is not copied. REMEMBER! We cannot access it while D_LCK is 1!
When the computer boots again (REMEMBER: a hardware reset is the only way to clear SMRAM, and that includes the SMRAMC control register holding the D_LCK bit), the BIOS rewrites SMRAM during its initialization. Then, when the Windows boot loader runs, it reads the saved hibernation file, which does NOT contain the infected SMRAM, and the system resumes normally. Your system is now virgin! This holds as long as SMRAM is the rootkit's only foothold: if a kernel-mode component that reinstalls it survives in the snapshot, it will be back after the resume.
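To see where this leaves your own machine, here is an added example (my own illustration, not code from the original post and not the Clear Hat rootkit) that decodes the SMRAMC register, models the lock behaviour the post relies on (the rootkit's open-install-lock sequence, and the fact that writes are ignored once D_LCK is set), and reads the live register on Linux through sysfs. It assumes a 915/945/965-era Intel chipset, where SMRAMC is the byte at PCI configuration offset 0x9D of the host bridge at 0000:00:00.0 (other chipsets put it elsewhere, so check your datasheet), and reading that offset needs root:

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SMRAMC bit layout (assumption: Intel 915/945/965-era host bridge, byte at
 * PCI config offset 0x9D of bus 0, device 0, function 0; other chipsets
 * place the register elsewhere, so check the datasheet for yours). */
#define SMRAMC_OFFSET      0x9DL
#define SMRAMC_D_OPEN      (1u << 6)  /* SMRAM visible in the normal address space */
#define SMRAMC_D_CLS       (1u << 5)  /* data accesses to the SMRAM range go to PCI */
#define SMRAMC_D_LCK       (1u << 4)  /* lock: clears D_OPEN, bits read-only until reset */
#define SMRAMC_G_SMRAME    (1u << 3)  /* compatible SMRAM (A0000h-BFFFFh) enabled */
#define SMRAMC_C_BASE_SEG  0x07u      /* base segment, hardwired to 010b (A0000h) */

struct smramc {
    bool d_open, d_cls, d_lck, g_smrame;
    unsigned c_base_seg;
};

struct smramc decode_smramc(uint8_t v)
{
    struct smramc s;
    s.d_open     = (v & SMRAMC_D_OPEN)   != 0;
    s.d_cls      = (v & SMRAMC_D_CLS)    != 0;
    s.d_lck      = (v & SMRAMC_D_LCK)    != 0;
    s.g_smrame   = (v & SMRAMC_G_SMRAME) != 0;
    s.c_base_seg = v & SMRAMC_C_BASE_SEG;
    return s;
}

/* Can ring-0 code (a driver, or the rootkit's installer) still open SMRAM?
 * Only while D_LCK is clear: the rootkit needs this to get in, and it is
 * exactly what the BIOS closes on "new computers". */
bool smram_openable(uint8_t v)
{
    return (v & SMRAMC_D_LCK) == 0;
}

/* Software model of a write to SMRAMC, following the datasheet rules:
 * once D_LCK is set the lock bits are read-only until a hardware reset,
 * setting D_LCK resets D_OPEN, and C_BASE_SEG is never writable. */
uint8_t write_smramc(uint8_t cur, uint8_t val)
{
    if (cur & SMRAMC_D_LCK)
        return cur;                                  /* locked: write is ignored */
    uint8_t next = (uint8_t)((cur & SMRAMC_C_BASE_SEG) | (val & ~SMRAMC_C_BASE_SEG));
    if (next & SMRAMC_D_LCK)
        next &= (uint8_t)~SMRAMC_D_OPEN;             /* D_LCK=1 forces D_OPEN=0 */
    return next;
}

/* The sequence the post describes, on a machine whose BIOS left D_LCK clear:
 * open SMRAM (D_OPEN=1), install, then lock it (D_LCK=1) so nothing else,
 * the kernel included, can look inside until the next hardware reset.
 * On a BIOS-locked machine the first write is already ignored. */
uint8_t rootkit_lock_sequence(uint8_t bios_value)
{
    uint8_t opened = write_smramc(bios_value, (uint8_t)(bios_value | SMRAMC_D_OPEN));
    return write_smramc(opened, (uint8_t)(opened | SMRAMC_D_LCK));
}

/* Linux only: read one byte of PCI configuration space through sysfs.
 * Offsets past 0x3F need root. Returns the byte, or -1 on failure. */
int read_pci_config_byte(const char *cfg_path, long offset)
{
    FILE *f = fopen(cfg_path, "rb");
    if (!f)
        return -1;
    uint8_t v = 0;
    int ok = fseek(f, offset, SEEK_SET) == 0 && fread(&v, 1, 1, f) == 1;
    fclose(f);
    return ok ? (int)v : -1;
}

int main(void)
{
    /* assumption: the host bridge is 0000:00:00.0 */
    int v = read_pci_config_byte("/sys/bus/pci/devices/0000:00:00.0/config", SMRAMC_OFFSET);
    if (v < 0) {
        perror("reading SMRAMC (root needed, and only valid on a 9xx-era Intel chipset)");
        return 1;
    }
    struct smramc s = decode_smramc((uint8_t)v);
    printf("SMRAMC=0x%02x D_OPEN=%d D_CLS=%d D_LCK=%d G_SMRAME=%d C_BASE_SEG=%u\n",
           v, s.d_open, s.d_cls, s.d_lck, s.g_smrame, s.c_base_seg);
    if (smram_openable((uint8_t)v))
        puts("D_LCK clear: ring-0 code can still open SMRAM (the BIOS did not lock it)");
    else
        puts("D_LCK set: SMRAM is closed until the next hardware reset");
    return 0;
}
```

Run it before and after the hibernate/reboot cycle: on a BIOS that locks, D_LCK is 1 both times and the rootkit could never have installed; on a BIOS that does not lock, D_LCK should read 0 again after the reboot, since only the rootkit would have set it. A D_OPEN of 1 on a running system is worth a second look too, because nothing legitimate leaves SMRAM mapped.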

BTW, if you are at Blackhat, I'm giving a talk entitled "Windows hibernation file for fun and profit" tomorrow! Hoping to see you!