Hackers can install malicious firmware on PCs because of recent Intel bugs


Intel has recently addressed a series of glitches that could otherwise make millions of computers that run with its hardware vulnerable to malicious attacks via tampered firmware.

The susceptibility draws power from giving hackers physical access to the device which paves way for the overriding of the Boot Guard, which is essentially Intel’s security mechanism for ensuring that the system only runs digitally-signed firmware from the equipment manufacturer.

Three of the many vulnerabilities were discovered by a security researcher, Trammel Hudson, early this year, who saw the exploit, dubbed the “S3,” taking place when the system goes out of sleep mode. Which, as it appears, is a state where the system puts all its resources into memory while leaving the CPU completely closed off.


Related: How to remove Android phone malware

Subverting Boot Guard does come with major implications, which can vary between giving illicit users access to keys that are used to encrypt hard drives and installing rootkit.

Although a serious condition indeed, it is worth noting that having physical access to a targeted device is hardly many hackers’ preferred mode of operation as it’s riskier. To reinforce security against such attacks, Intel is urging its patrons to maintain “physical possession” of their devices and update them to the latest software.

Via: Arstechnica

Leave a Reply

Your email address will not be published. Required fields are marked *