Invisible Things Labs researchers Rafal Wojtczuk and Joanna Rutkowska said they've created software that can "compromise the integrity" of software loaded using the Trusted Execution Technology (TXT) that is part of Intel's vPro processor platform. That's bad news, because TXT is supposed to help protect software -- a program running within a virtual machine, for example -- from being seen or tampered with by other programs on the machine. Formerly code-named LaGrande, TXT first started shipping in some Intel-based PCs last year.

Although almost no software uses the TXT technology today, the research could matter a lot to computer companies and government agencies that are thinking of using it to secure their future products.

Wojtczuk and Rutkowska said they've created a two-stage attack, with the first stage exploiting a bug in Intel's system software. The second stage relies on a design flaw in the TXT technology itself, they said in an of their work, released Monday.

The Invisible Things researchers wouldn't say exactly what system software contains one of these "first stage" bugs before they have been patched, because that information could be misused by cyber-criminals.

The "second stage" problem may be tricky to fix, however. "It is still not clear how Intel should address the problem that is exploited by the second stage of our attack," Invisible Things researcher Joanna Rutkowska said in an e-mail interview. "Intel claims it can resolve the issue by updating the TXT specification."