New secret-spilling hole in Intel CPUs sends company patching (again)
-
New secret-spilling hole in Intel CPUs sends company patching (again)
Researchers figure out how to obtain the "fuse encryption key" unique to each CPU.
DAN GOODIN - 11/16/2021, 8:21 AMIntel is fixing a vulnerability that unauthorized people with physical access can exploit to install malicious firmware on the chip to defeat a variety of measures, including protections provided by Bitlocker, trusted platform modules, anti-copying restrictions, and others.
The vulnerability—present in Pentium, Celeron, and Atom CPUs on the Apollo Lake, Gemini Lake, and Gemini Lake Refresh platforms—allows skilled hackers with possession of an affected chip to run it in debug and testing modes used by firmware developers. Intel and other chipmakers go to great lengths to prevent such access by unauthorized people.
-
not again....
-
If you build in a back door, people will use it.
-
@scottalanmiller said in New secret-spilling hole in Intel CPUs sends company patching (again):
If you build in a back door, people will use it.
So tired of Intel's messes.
