Free Republic
Browse · Search
General/Chat
Topics · Post Article

To: palmer

[[However if you click on an exe, designed by a hacker, containing instructions to allow kernel memory to be read from user mode, then you are screwed. But you were screwed when you clicked on the exe because it can do plenty of damage in plain old user mode. So it doesn’t really matter.]]

Suppose that did happen, would system restore be able to undo the damage? (There is a program called rollbackRX which is a form of system restore on steroids. It works at boot level before the OS loads, so it could roll back a system to before the malicious code was executed.)


52 posted on 01/04/2018 5:49:20 PM PST by Bob434


To: Bob434
That's a great question. A user mode attack will have a lot of trouble persisting because it needs to write stuff to protected system files like the registry and there will be a UAC turning the screen black asking if you want so-and-so program to muck with the registry. Hopefully most people would say no if they were not installing something and expecting that dialog.

However, if you have patched or otherwise do not have this new Intel (perhaps AMD and ARM too) vulnerability, then the user mode malware that you accidentally ran will not be able to bypass UAC or otherwise muck with your system. Therefore you can grab the power cord and yank it out of the wall, and the threat is gone because it can't persist. Being able to persist more easily is just one of the threats from the Intel bug. But it requires malicious code to be running first. The bug does not let hackers in, or create a backdoor, or do anything else to make it easier to initially attack your computer. It only makes things easier after the initial attack is successful.

53 posted on 01/04/2018 6:23:03 PM PST by palmer (...if we do not have strong families and strong values, then we will be weak and we will not survive)
