Subject: General Tech | April 16, 2018 - 01:24 PM | Jeremy Hellstrom
Tagged: uefi, SPI, security, Intel, bios
The one part of your computer you still rely on to be safe are firmware updates to your UEFI, but of course there are also cases where this too can prove to be vulnerable. It seems there is a vulnerability in the way the the SPI flash is configured on on a variety of Intel CPUs stretching all the way back to Broadwell, straight through to the current chips. There is good news as a patch for this vulnerability has already been provided to PC and motherboard manufactures according to the information over at Bleeping Computer so check for BIOS updates over the next while. As this does stretch back to models which no longer receive regular updates, hopefully even those ancient devices will receive an update.
"According to Lenovo, who recently deployed the Intel fixes, "the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware.""
Here is some more Tech News from around the web:
- Hackers Stole a Casino's High-Roller Database Through a Thermometer in the Lobby Fish Tank @ Slashdot
- Thousands of Android apps may be collecting children's data illegally @ The Inquirer
- Sophisticated APT surveillance malware comes to Google Play @ Ars Technica
- Google is testing 'self-destruct' function for Gmail @ The Inquirer
- Exposed: Lazy Android mobe makers couldn't care less about security @ The Register
- Apple's leaked memo warns leakers to stop leaking leaks @ The Inquirer