However, according to a report from The Register UK , the exploit is not in its final form or it has not been tested against Intel processors. These reports suggest that the researchers are still at work, however we are in no situation to know what the research team were able to extract from the target. Intel’s patch has been implemented on some of their processors for several years now and it has been acknowledged for its effectiveness. However, an attack using the latest exploit could have a massive impact, not only on the targeted consumer with their PC, but potentially also on the computers of other organisations looking for systems which are vulnerable to backdoors, malware, or data leaking backdoors. On the other hand, we do not think that the attack will have the same impact as the latest Intel patches have on consumer devices, since the devices themselves are not targeted and are not at risk. In any case, the attack is quite serious on a technical level, since it has to date been unable to use any of Intel’s security patches to exploit the attack, despite Intel providing the necessary patches in their security bulletin after the vulnerabilities were disclosed the most recent December 2016. If the latest patch is not available then the attack may not find any other way to access Windows or other security tools such as MS14-048. There were also reports of the attack using a different form of encryption, but these too have not been able to be confirmed. Intel’s patch is the one that has helped stop the exploit from working in the past, however, if they do not have a patch that can disable this new attack then the vulnerability may find a place in a future attack.
The Register comments : What’s more, those who attempt to download the exploit can also download the same file without the patch. So this is not a mere patch and so can still be used for a second attack. Indeed, the Microsoft Security Bulletin said:
“In order to protect organizations, we have released patches to address vulnerabilities in WinMTR v1.1.7 and v1.1.8. If users have installed or are considering installing these patches (including non-current installations), they are encouraged to upgrade to those versions before installing any other products or updating to this bulletin. Further information is available at https://support.microsoft.com/kb/2885883 “