gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
75369 Posts in 13193 Topics by 2639 Members - Latest Member: Selenases September 26, 2017, 12:41:33 pm
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  USB debugging exploit
gfx
gfxgfx
 

Author Topic: USB debugging exploit  (Read 342 times)

0 Members and 1 Guest are viewing this topic.

USB debugging exploit
« on: January 17, 2017, 01:57:27 am »
https://www.overclock3d.net/news/cpu_mainboard/intel_skylake_and_kaby_lake_systems_are_vulnerable_to_a_usb_debugging_exploit/1



This vulnerability allows attackers to bypass security mechanisms by using a debugging interface exploit, which allows attackers to install malicious code, rewrite firmware and even rewrite your system's BIOS. This bug affects any system with a Skylake CPU that has a debugging interface that is accessible via USB 3.0. What is most scary about this exploit is that it is currently undetectable using existing security tools.

In the past, this kind of debugging was done using a special device which used a motherboard's specialised debugging port (which has a specialised connector), though since Skylake Intel has moved to a direct contact interface (DCI) that provides access to the JTAG (Joint Test Action Group) debugging interface through USB 3.0.

Thankfully this vulnerability has already been reported to Intel, though at this time this exploit leaves all systems with Intel U-series CPUs vulnerable, regardless of the OS or software used.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: USB debugging exploit
« Reply #1 on: January 17, 2017, 02:26:17 am »
One point of note, if you know the checksum of your bios it is trivial to ensure that it at least is untampered with, however if the attacker is not simply wanting to mess with such a low level item but instead is looking for a "rootkit" style attack your on your own unless intel proffer some code that looks at instructions and machine cycles in some sort of ratio, of course i still own an athlon  :lol:

This type of issue will be small scale I believe simply because physical access is required to exploit the processor.

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  USB debugging exploit
 

gfxgfx
gfx
©2005-2017 WinMXWorld.com. All rights reserved.
SMF 2.0.14 | SMF © 2017, Simple Machines
Page created in 0.03 seconds with 21 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!