this post was submitted on 23 Jun 2024
85 points (96.7% liked)

Technology

34438 readers
159 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
[email protected]
85
Firmware flaw affects numerous generations of Intel CPUs — UEFI code execution vulnerability found for Intel CPUs from 14th Gen Raptor Lake to 6th Gen Skylake CPUs, and TPM will not save you (www.tomshardware.com)
submitted 2 months ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
top 5 comments
sorted by: hot top controversial new old
[–] [email protected] 21 points 2 months ago* (last edited 2 months ago)

Poorly written article with little substance but a zinger of a headline. Think they’re trying to take advantage of announcements of Intel and TPM security flaws in the past to get more clicks.

This is a UEFI firmware issue that can be patched by BIOS vendors. It is an issue at a very low level, but not an issue with Intel or the TPM.

The exploit is in the UEFI firmware code for handling the TPM and used for privilege escalation in that firmware, “TPM won’t save you” doesn’t really make sense because no shit. The vulnerability doesn’t mean the TPM unseals its contents though, and I’m curious if the exploit modifies the PCR values enough that OS security could trigger (Bitlocker recovery and whatever). Wouldn’t help if the malicious software was already there though.

[–] [email protected] 10 points 2 months ago (1 children)

Does TPM do anything ?

[–] [email protected] 10 points 2 months ago

If you disable it you can prevent Microsoft from force updating your windows 10 install to windows 11. Obviously a play to get people to buy new hardware for 11 but a useful anti feature I suppose until you can stomach switching to Linux.

[–] [email protected] 13 points 2 months ago* (last edited 2 months ago) (1 children)

phew! good thing I still have a few 386sx AMI BIOS boards handy. no ones shopping around zero days on those anymore, right?

[–] [email protected] 11 points 2 months ago* (last edited 2 months ago)

Right.