Ny sårbarhed med 'Thunderclap' truer med at inficere din pc over Thunderbolt-perifere enheder



A new security vulnerability named 'Thunderclap' severely compromises security of computers with USB type-C Thunderbolt ports, or machines with Thunderbolt 3 (40 Gbps) ports. This would be pretty much every MacBook released in the past two years, Macs, and PCs with certain aftermarket Thunderbolt 3 adapters. Chronicled in a paper by the Department of Computer Science and Technology at the University of Cambridge, Rice University and SRI International, is a method for Thunderbolt devices to bypass the host machine's IOMMU (I/O memory management unit), and read its main memory over DMA.

En IOMMU oversætter adresserum mellem enheder og hovedhukommelse og beskytter dermed hukommelsens indhold, der læses af næsten enhver enhed. Gruppen har detaljerede mulige måder til at afbøde denne sårbarhed og videresendt disse afbødninger til Apple, Intel og Microsoft. På nuværende tidspunkt findes der ingen offentlig begrænsning bortset fra at deaktivere Thunderbolt-controlleren på din maskine i dit bundkorts UEFI-installationsprogram.
Source: Tom's Hardware