Can a virus melt the CPU?

I was just wondering if a virus could melt a CPU by altering te voltage in the bios. :)

(and no, I'm not planning on making that kind of a virus...)


Solution 1:

It's definitely possible if the chip failsafe can be overriden. See for example the research paper "Potential thermal security risks". From page 4:

Permanent Damage – Disabling the Failsafe. The Intel failsafe cannot be disabled as far as we know, but older motherboards for AMD AthlonXP processors did not provide an adequate failsafe. [13] Although that problem was quickly rectified, even newer motherboards may allow the failsafe to be bypassed by disabling the thermal-emergency shutdown procedure in the BIOS. Obviously, we did not try this, but the same scenario that engaged the failsafe with the Pentium 4 would overheat and quickly destroy the processor. This is not reported to criticize AMD systems, but simply to show the importance of a failsafe mechanism that is hardwired. AMD has built a thermal trip mechanism in its latest generation of processors: the Athlon64. Similar to the P4, once the failsafe is engaged the CPU will shutdown its internal clock and inform the motherboard to reset through a THERMTRIP pin [14].

Accelerated aging caused by overheating (also discussed in that paper) is another, less spectacular but perhaps more likely attack.

A third possibility is an attack overclocking a CPU beyond recommended tolerances. For example, although an artificial overclocking lock may be present, it may not be secure, as in the case of the Intel 925X chip.

Note that similar attacks are possible on other pieces of hardware (see the question Can some software physically damage hardware? for details).

Solution 2:

No.

It is possible that a virus can make an application take up 100% of the CPU cycles - causing heat if it is done for a prolonged period of time, but unless it also manages to reflash / damage the BIOS, the thermal sensors of any modern motherboard will shut it down before it reaches any critical temperature.

Solution 3:

The answer is intrinsically hardware dependent. See Halt and Catch Fire and Killer Poke for some rather out of date hardware that could be damaged by software. Generally such features are regaurded as bugs, and most designs seek to prevent them.