Hackers can use just-fixed Intel bugs to install malicious firmware on PCs

Computer makers are in the process of patching Boot Guard. Have you installed it yet?



As the amount of sensitive data stored on computers has exploded over the past decade, hardware and software makers have invested increasing amounts of resources into securing devices against physical attacks in the event that they’re lost, stolen, or confiscated. Earlier this week, Intel fixed a series of bugs that made it possible for attackers to install malicious firmware on millions of computers that use its CPUs.


The vulnerabilities allowed hackers with physical access to override a protection Intel built into modern CPUs that prevents unauthorized firmware from running during the boot process. Known as Boot Guard, the measure is designed to anchor a chain of trust directly into the silicon to ensure that all firmware that loads is digitally signed by the computer manufacturer. Boot Guard protects against the possibility of someone tampering with the SPI-connected flash chip that stores the UEFI, which is a complex piece of firmware that bridges a PC’s device firmware with its operating system.


Read More...


Courtesy of Ars Technica

Article Author: Dan Goodin



This website uses cookies to ensure you get the best experience. Click here to learn more.