Intel is fixing a vulnerability that unauthorized people with physical access can exploit to install malicious firmware on a chip to defeat a variety of measures, including protections provided by Bitlocker, trusted platform modules, anti-copying restrictions, and others.
This story originally appeared on Ars Technica, a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED's parent company, Condé Nast.
The vulnerability—present in Pentium, Celeron, and Atom CPUs on the Apollo Lake, Gemini Lake, and Gemini Lake Refresh platforms—allows skilled hackers with possession of an affected chip to run it in debug and testing modes used by firmware developers. Intel and other chipmakers go to great lengths to prevent such access by unauthorized people.
Once in developer mode, an attacker can extract the key used to encrypt data stored in the TPM enclave and, in the event TPM is being used to store a Bitlocker key, defeat the latter protection as well. An adversary could also bypass code-signing restrictions that prevent unauthorized firmware from running in the Intel Management Engine, a subsystem inside vulnerable CPUs, and from there permanently backdoor the chip.
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA
No entries found