Xbox 360 hack was the real deal
The hack of an Xbox 360 demonstrated at the 23rd Chaos Communication Congress (23C3) was not a fake, according to recent information. At the end of December, an incognito hacker had a penguin logo and a Mac OS X logo hop across an Xbox 360 screen along with the message "Coming Soon"; he then left without further comment. A heated discussion ensued about whether the whole thing was just a fake or whether the security measures implemented in the new Xbox, which were supposed to be much stronger than before, still had weak spots that could allow arbitrary code to be injected.
Now, a message posted to a number of security mailing lists shows that the hack was the real McCoy. A hole in the Xbox's hypervisor allows arbitrary unsigned code to be executed, giving access to all resources. The flaw was found in kernel versions 4532 and 4548 but has been remedied in version 4552, which was distributed at the beginning of January via automatic update.
The security model of the Xbox 360 runs all games and applications on the system with restricted rights, and they also have to be digitally signed. Only the hypervisor runs with privileged rights; it controls access to memory and to the cryptographic functions. Among other things, it ensures that executable code stored in memory is encrypted and mapped read-only. Programs without privileges should therefore not be able to manipulate or inject code. Stack and heap memory are marked as non-executable.
According to the security advisory, the hole that nonetheless allows arbitrary code to be executed is found in the syscall dispatcher, which handles communication between the hypervisor and applications. With certain parameters, the hypervisor can be tricked into providing access to memory areas that are exempt from encryption, read-only mapping, and the other protections. Tables in the syscall handler can reportedly be manipulated to cause the hypervisor to execute injected code. While a few other changes have to be made, the demonstration at the Congress showed that the attack works.
According to the security advisory, Microsoft was informed of the hole on December 15 but failed to react. Only when the flaw was demonstrated at the Congress and Microsoft was contacted again did the vendor react, and then it did so quickly. A patch was provided within six days. Updates for critical holes in Windows that allow attackers to take over PCs generally take much longer.
Microsoft's update to kernel 4552 also prevents a downgrade to an older, vulnerable version by means of an "electronic fuse" (e-fuse) that is blown in the CPU. Microsoft has implemented this technique to prevent the hole in the hypervisor from being used to run arbitrary software. The security advisory only mentions this feature at the very end, under the somewhat cryptic recommendation to "remove R6T3". That is a resistor on the Xbox 360's board. If it is removed, the update cannot blow the e-fuse, which would mean that downgrades would still remain possible. However, this step is not possible if the Xbox has ever downloaded an update from the internet.
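The anti-downgrade mechanism described above, modelled as an added C example; this is not code from the advisory or from Microsoft's implementation. The version ladder, the one-fuse-per-step rule, the `programmable` flag and the read-back check after programming are assumptions made for the model, not details the article gives:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Kernel versions named in the article, oldest first. Assumption for this
 * model: the number of blown fuses is an index into this ladder and gives
 * the lowest version the boot loader will still accept. */
static const uint32_t kVersionLadder[] = { 4532, 4548, 4552 };
#define LADDER_LEN (sizeof kVersionLadder / sizeof kVersionLadder[0])

/* One-time-programmable fuse bank. `programmable` models whether the
 * programming path works at all (the advisory's R6T3 note concerns
 * exactly that path); bits can be set but never cleared. */
typedef struct { uint8_t bits; bool programmable; } efuse_bank_t;

unsigned efuse_blown_count(const efuse_bank_t *f) {
    unsigned n = 0;
    for (uint8_t b = f->bits; b; b >>= 1) n += b & 1u;
    return n;
}

/* Hardware semantics: writing can only add set bits; clearing is impossible,
 * which is what makes rollback to an older kernel impossible. */
void efuse_program(efuse_bank_t *f, uint8_t mask) {
    if (f->programmable) f->bits |= mask;
}

/* Lowest kernel version the loader will run with the current fuse state. */
uint32_t min_allowed_version(const efuse_bank_t *f) {
    unsigned n = efuse_blown_count(f);
    if (n >= LADDER_LEN) n = LADDER_LEN - 1;
    return kVersionLadder[n];
}

bool kernel_allowed(const efuse_bank_t *f, uint32_t version) {
    return version >= min_allowed_version(f);
}
/* Install a kernel: refuse anything below the fuse floor; when moving up the
 * ladder, blow enough fuses to raise the floor and read back to verify that
 * they really blew (an update whose fuse did not blow is treated as failed). */
bool install_kernel(efuse_bank_t *f, uint32_t version) {
    if (!kernel_allowed(f, version)) return false;
    for (size_t i = 0; i < LADDER_LEN; i++) {
        if (kVersionLadder[i] != version || i <= efuse_blown_count(f)) continue;
        efuse_program(f, (uint8_t)((1u << i) - 1u));
        if (efuse_blown_count(f) < i) return false;   /* read-back failed */
    }
    return true;
}
```

Once 4552 has been installed on a working fuse bank, neither 4532 nor 4548 passes `kernel_allowed`, and on a bank whose programming path is disabled the update is reported as failed rather than silently leaving the floor at 4532.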
- Xbox 360 Hypervisor Privilege Escalation Vulnerability, security advisory by Anonymous Hacker