• BlackLaZoR@kbin.run
    link
    fedilink
    arrow-up
    32
    arrow-down
    1
    ·
    3 months ago

    Requires ring 0 access to the system in the first place. So for any normal user it’s a nothing burger

    • PassingThrough@lemmy.world
      link
      fedilink
      arrow-up
      9
      arrow-down
      2
      ·
      3 months ago

      Not entirely a nothing burger, I think. If there’s any truth to the anti-cheat outrage, there’s a large population of average joes handing out ring 0 access to a growing number of third or fourth party companies for the purpose of kernel level anti-cheat in video games.

      Still a supply chain attack or a vulnerability in one of the A/C programs, but not as impossible as we would like it to be.

    • MetaCubed@lemmy.world
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      3 months ago

      I really dislike the idea of “needs ring 0 = nothingburger”.

      There’s plenty if ways to gain ring 0 access like a user to approving a UAC prompt… Or for an attacker to utilize any number of existing ring 0 escalation vulnerabilities on an unpatched system, or for a UAC bypass to be utilized, or for the attacker to establish a RAT on the system using a tech support scam or similar.

      Difficult? Yes!

      Only viable via a supply chain attack as some like to suggest? Absolutely not.