Hackers can use just-fixed Intel bugs to put in malicious firmware on PCs



Enlarge (credit score: Getty Photographs)
As the quantity of delicate knowledge saved on computer systems has exploded over the previous decade, {hardware} and software program makers have invested growing quantities of assets into securing gadgets towards bodily assaults within the occasion that they’re misplaced, stolen, or confiscated. Earlier this week, Intel mounted a collection of bugs that made it attainable for attackers to put in malicious firmware on hundreds of thousands of computer systems that use its CPUs.
The vulnerabilities allowed hackers with bodily entry to override a safety Intel constructed into fashionable CPUs that forestalls unauthorized firmware from operating throughout the boot course of. Generally known as Boot Guard, the measure is designed to anchor a series of belief immediately into the silicon to make sure that all firmware that hundreds is digitally signed by the pc producer. Boot Guard protects towards the potential for somebody tampering with the SPI-connected flash chip that shops the UEFI, which is a posh piece of firmware that bridges a PC’s gadget firmware with its working system.
{Hardware}-enforced safety
These kind of hacks sometimes occur when attackers connect {hardware} to the insides of a pc and use Dediprog or comparable chip programming instruments to switch approved firmware with malicious firmware.Learn 9 remaining paragraphs | Feedback



Supply hyperlink

Leave a Reply

Your email address will not be published. Required fields are marked *