Windows 10 News and info | Forum
Author Topic: Thunderclap vulnerability allows hackers to exploit PCs using Thunderbolt  (Read 24 times)
javajolt
« on: February 27, 2019, 01:08:54 PM »

The vulnerability was published earlier today by a group of researchers at the University of Cambridge, Department of Computer Science and Technology, Rice University, and SRI International. The paper presentation happened at the Network and Distributed System Security Symposium (NDSS) in San Diego, California. It describes a set of vulnerabilities in macOS, FreeBSD, and Linux, “which notionally utilize IOMMUs to protect against DMA attackers.”

The issue is related to the Direct Memory Access enabled by Thunderbolt and is not properly prevented by the existing IOMMU protection system.

According to the paper, most modern computers are affected by this vulnerability, including, but not limited to, the following:

■ Thunderbolt 3 is often supported via USB Type-C ports on modern laptops.

■ Machines with older versions of Thunderbolt (carried over a Mini DisplayPort connector) are also affected.

■ All Apple laptops and desktops produced since 2011 are vulnerable, with the exception of the 12-inch MacBook.

■ Many laptops, and some desktops, designed to run Windows or Linux produced since 2016 are also affected – check whether your laptop supports Thunderbolt.

■ Thunderclap vulnerabilities can also be exploited by compromised PCI Express peripherals, either plug-in cards or chips soldered to the motherboard.


Pic Credit: BleepingComputer

In 2016, OS vendors added Thunderclap mitigation measures to their platforms, but the measures are not 100% effective and security flaws still impact systems protected using IOMMU. While some platforms, such as Windows 7, don’t even come with IOMMU support, on the OSs where it is present the IOMMU is either limited (Windows 10 Enterprise) or disabled out of the box. The only platform where it is enabled is macOS, but even then users aren’t safe, given that Thunderclap vulnerabilities can still circumvent it.

The best way to protect yourself is to disable all the Thunderbolt ports and to avoid sharing publicly available hardware such as chargers, as they might be altered to target devices. The best practice to stay safe is to make sure you don’t leave your laptop unattended.

Quote
Such attacks are very plausible in practice. The combination of power, video, and peripheral-device DMA over Thunderbolt 3 ports facilitates the creation of malicious charging stations or displays that function correctly but simultaneously take control of connected machines.

– Theodore Markettos


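The post notes that on several operating systems the IOMMU is limited or disabled out of the box. The following is an added example, not part of the original post or the researchers' paper: a defensive audit for a Linux host that reads the kernel's sysfs entries for IOMMU groups and for each Thunderbolt domain's `security` and `iommu_dma_protection` attributes. It assumes a Linux kernel with the Thunderbolt driver loaded; the function names and the constructed sysfs tree are hypothetical helpers for illustration.

```python
from pathlib import Path

def read_attr(path):
    """Return a sysfs attribute's text, or None if the kernel does not expose it."""
    try:
        return path.read_text().strip()
    except OSError:
        return None

def audit_dma_posture(sysfs_root="/sys"):
    """Report IOMMU state and per-domain Thunderbolt security settings."""
    root = Path(sysfs_root)
    groups = root / "kernel" / "iommu_groups"
    # The directory is empty (or missing) when no IOMMU is active.
    iommu_active = groups.is_dir() and any(groups.iterdir())
    findings = []
    if not iommu_active:
        findings.append("IOMMU inactive: peripherals have unrestricted DMA")
    tb_dir = root / "bus" / "thunderbolt" / "devices"
    domains = sorted(tb_dir.glob("domain*")) if tb_dir.is_dir() else []
    for dom in domains:
        # "none" means PCIe tunnels are created without any user approval.
        if read_attr(dom / "security") == "none":
            findings.append(f"{dom.name}: security level 'none'")
        # "1" means the kernel reports IOMMU-based DMA protection for this domain.
        if read_attr(dom / "iommu_dma_protection") != "1":
            findings.append(f"{dom.name}: IOMMU DMA protection not reported")
    return {"iommu_active": iommu_active,
            "thunderbolt_domains": [d.name for d in domains],
            "findings": findings}

def build_constructed_sysfs(base, iommu_on, security, dma_protection):
    """Create a constructed (fake) sysfs tree so the audit can run anywhere."""
    root = Path(base)
    groups = root / "kernel" / "iommu_groups"
    groups.mkdir(parents=True)
    if iommu_on:
        (groups / "0").mkdir()
    dom = root / "bus" / "thunderbolt" / "devices" / "domain0"
    dom.mkdir(parents=True)
    (dom / "security").write_text(security + "\n")
    (dom / "iommu_dma_protection").write_text(dma_protection + "\n")
    return str(root)

if __name__ == "__main__":
    for line in audit_dma_posture()["findings"] or ["no findings"]:
        print(line)
```

An empty findings list only means the available protections are switched on; as the post says, Thunderclap vulnerabilities can still circumvent an enabled IOMMU.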