New 'Thunderclap' Vulnerability Threatens to Infect Your Computer via Thunderbolt Peripherals



A new security vulnerability named 'Thunderclap' severely compromises the security of computers with USB Type-C Thunderbolt ports, or machines with Thunderbolt 3 (40 Gbps) ports. This would be pretty much every MacBook released in the past two years, Macs, and PCs with certain aftermarket Thunderbolt 3 adapters. A paper by the Department of Computer Science and Technology at the University of Cambridge, Rice University and SRI International chronicles a method for Thunderbolt devices to bypass the host machine's IOMMU (I/O memory management unit) and read its main memory over DMA.

The IOMMU translates address spaces between devices and main memory, and in this way protects the contents of your memory from being read by just any device. The group has described in detail possible ways to mitigate this vulnerability and has forwarded these mitigations to Apple, Intel and Microsoft. For now, there is no public mitigation other than disabling your computer's Thunderbolt controller in the motherboard's UEFI setup program.


Source: Tom's Hardware