Microsoft Confirms Serious New Security Problem For Windows 10 Users

kltaylor
kltaylor Member, Beta Tester Posts: 1,231
1000 Comments 500 Likes 50 Answers 100 Awesomes
✭✭✭✭✭✭

Microsoft has now joined Intel in confirming a newly reported security vulnerability with Thunderbolt ports, one that enables an attacker with physical access to a PC to modify the port’s controller firmware, disabling its security. As I reported last week, almost all Windows PCs with Thunderbolt ports are vulnerable, except a few from last year that shipped with Kernel DMA protection enabled.

This new security threat has been dubbed “Thunderspy” by Björn Ruytenberg, the Eindhoven University of Technology researcher who discovered and disclosed it. Ruytenberg warns that despite locking or suspending a PC, setting up a Secure Boot and strong system passwords, and enabling disk encryption, “all an attacker needs is five minutes alone with the computer” to compromise a machine.


To read the entire article please click on the Source link above.


"There's a fine line between audacity and idiocy."
-Warden Anastasia Luccio, Captain
Robin_Ex_FingAlbert

Comments

  • Robin_Ex_Fing
    Robin_Ex_Fing Member Posts: 5,293
    5000 Comments 250 Answers 500 Likes 100 Awesomes
    ✭✭✭✭✭✭✭
    Thanks @kltaylor . Its a really good read. I will check the source definitely.

    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
    kltaylor
  • Marc
    Marc Moderator, Beta Tester Posts: 3,107
    250 Answers 1,000 Likes 2500 Comments 250 Awesomes
    ✭✭✭✭✭✭✭
    And here I add the perfunctory "Glad I have Mac" comment... 

    Disclaimer:  This can still occur on a Mac if your running bootcamp so I'll withhold the snarkyness...  

    "What Thunderspy means for Mac users

    In practical terms, attackers won't be able to disable the macOS lock screen or perform other attacks like they could if they had physical access to the device, as long as a user is running macOS instead of Windows or Linux via Boot Camp. Macs running Windows or Linux on Boot Camp, however, are just as vulnerable as other PCs."

    https://appleinsider.com/articles/20/05/11/macs-partially-affected-by-unpatchable-thunderbolt-security-exploit

    Thats Daphnee, she's a good dog...