Well SPIt, Intel firmware is a wee bit vulnerable

Subject: General Tech | April 16, 2018 - 01:24 PM |
Tagged: uefi, SPI, security, Intel, bios

The one part of your computer you still rely on to be safe are firmware updates to your UEFI, but of course there are also cases where this too can prove to be vulnerable.  It seems there is a vulnerability in the way the the SPI flash is configured on on a variety of Intel CPUs stretching all the way back to Broadwell, straight through to the current chips.  There is good news as a patch for this vulnerability has already been provided to PC and motherboard manufactures according to the information over at Bleeping Computer so check for BIOS updates over the next while.  As this does stretch back to models which no longer receive regular updates, hopefully even those ancient devices will receive an update.

View Full Size

"According to Lenovo, who recently deployed the Intel fixes, "the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware.""

Here is some more Tech News from around the web:

Tech Talk


April 16, 2018 | 03:50 PM - Posted by Lemonsquare

Much like Spectre v2, you can count on ASUS (and probably many others) NOT issuing updates for this unless you're on basically Skylake or newer. The PC motherboard market and updates is about as good as Android's situation.

April 16, 2018 | 04:09 PM - Posted by RingersEnThings (not verified)

Laptop OEMs and any Service after the Sale is never to be expected as far as Firmware Updates on older Laptop SKUs so there will be millions of unpatched computers in the wild!

It's Fat Chance for Pigs with wings in the bowels of snow covered Hell that Laptop OEMs will even give 1/10th of a Rat's shiny red A$$ about their customers with older lappy SKUs.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.