Reverse Engineering x86 Processor Microcode

level: expert

In our talk we will discuss the more practical aspects of our work on reversing x86 microcode. This work was presented at USENIX Security 2017 and was well received by both the academic community and independent researchers interested in the low-level workings of modern CPUs. We were able to reverse engineer parts of the semantics of the microcode of older AMD CPUs and can modify their behavior by applying custom-written microcode updates. We used this knowledge to implement both PoC instrumentations and stealthy trojans that allow an adversary to gain control of the execution without needing to abuse any bug in the targeted software.

Besides explaining how our reverse engineering was done and what the microcode format looks like, the talk will also contain a longer demo of our capabilities, including live modification of microcode and applying this to both a K8 laptop and a K10 desktop.


Speakers: Philipp Koppe, Benjamin Kollenda