A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Newly found unfixable vulnerability in Intel chipsets of the past five years may compromise platform encryption keys



 
 
Thread Tools Display Modes
  #1  
Old March 6th 20, 07:36 PM posted to alt.comp.os.windows-10,alt.os.linux,microsoft.public.windowsxp.general
Arlen Holder[_6_]
external usenet poster
 
Posts: 306
Default Newly found unfixable vulnerability in Intel chipsets of the past five years may compromise platform encryption keys

Dateline today & yesterday...

"Most Intel chipsets released in the last five years contain the
vulnerability in question."

o Positive Technologies: Unfixable vulnerability in Intel chipsets
threatens users and content rightsholders
https://www.ptsecurity.com/ww-en/about/news/unfixable-vulnerability-in-intel-chipsets-threatens-users-and-content-rightsholders/
"An error in chipset read-only memory (ROM) could allow attackers to
compromise platform encryption keys and steal sensitive information.

"By exploiting vulnerability CVE-2019-0090, a local attacker could
extract the chipset key stored on the PCH microchip and obtain access
to data encrypted with the key. Worse still, it is impossible to detect
such a key breach. With the chipset key, attackers can decrypt data
stored on a target computer and even forge its Enhanced Privacy ID
(EPID) attestation, or in other words, pass off an attacker computer
as the victim's computer. EPID is used in DRM, financial transactions,
and attestation of IoT devices."

o Unfixable boot ROM security flaw in millions of Intel chips could
spell utter chaos for DRM, file encryption, etc
https://www.theregister.co.uk/2020/03/05/unfixable_intel_csme_flaw/
"It cannot be fixed without replacing the silicon, only mitigated,
it is claimed: the design flaw is baked into millions of Intel processor
chipsets manufactured over the past five years. The problem revolves
around cryptographic keys that, if obtained, can be used to break the
root of trust in a system."

o Another unfixable Intel chip flaw could render Apple's FileVault useless
https://9to5mac.com/2020/03/06/intel-chip-flaw/
"a completely new issue has been discovered that is unpatchable
and could render useless SSD encryption like Apple's FileVault
on pre-T1 or T2 Macs"

"a brand new chip-level vulnerability has been discovered in Intel chips,
which is impossible to patch. This potentially lets an attacker
compromise the startup process to gain access to keys used to
encrypt the drive"

etc.
--
Together we can learn far more than anyone of us can by learning alone.
Ads
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 02:15 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.