If this is a vulnerability that must be addressed then EVERY system administrator in the world should be fired.
The so-called vulnerability requires a system administrator to be physically connected with the system. That means on-site using a trusted console (the one used to start, restart after a termination (hopefully from a system shutdown done at that terminal and not a system abort/crash, application of updates, initiate system debugging, ...). The system administrator should be a "Trusted User". They have all power on the machine.
Okay they discovered the system administrator working from the system console has the ability to cause the injection of code into a running virtual system. BIG FREAKING DEAL.
I was a system programmer/system administrator for years. I actually broke the system (luckily a development and testing system with only a few hundred users on) on more than one occasion. I regularly was working on extraction of information from the OS and when needed injection/modification of information. IT WAS MY JOB. PEOPLE KNEW WHEN I WAS BEING DANGEROUS.
Maybe there was no intention to allow the system administrator that particular ability. Maybe if the administrator is a thief, terrorist, or just stupid prankster they can cause problems. If a site hires an administrator and gives them the complete set of keys to the kingdom (including in this case a few keys not known on the key chain), they are stupid and the HR personnel, the supervisor, and everyone involved in the hiring should be fired.
To be honest depending on what was done and whether I consider the person was a further danger, if I was the boss, I would consider hiring the person to be head of the department with a salary big enough the person will stay legal just because of the legal/respectable/small bragging rights lifestyle they would be living.
This might be a flaw in the intended way the chip works but it is hardly a security issue.
Facebook
Twitter
Instagram