Friday, 1 March 2019

Thunderclap hack makes Macs and PCs with Thunderbolt ports vulnerable

If you’ve bought a recently released MacBook, Windows laptop or really any PC equipped with a Thunderbolt port, there’s a new vulnerability you should watch out for.

The new vulnerability has been dubbed Thunderclap and it could leave computers open to serious attacks such as running malicious code on your system. This is on top of the usual, unwarranted access to important data like passwords, encryption keys and any other sensitive data stored on your system.

It’s really bad news mainly because Thunderbolt’s protocols are designed with OS-level access and direct-memory access (DMA) to support high-speed data transfer, video out and its other myriad features. This vulnerability takes advantage of all that high-level access to do more harm.

According to the group of researchers that announced Thunderclap at the Network and Distributed System Security Symposium in San Diego, the Thunderclap vulnerability won’t just affect the latest machines equipped with Thunderbolt 3, but older devices that provide Thunderbolt connectivity through DisplayPort instead of USB-C. 

Thunderclap will specifically affect “all Apple laptops and desktops produced since 2011 are vulnerable, with the exception of the 12-inch MacBook. Many laptops, and some desktops, designed to run Windows or Linux produced since 2016 are also affected." 

How to stay protected from Thunderclap

Now the good news is the team of researchers discovered the problem in 2016 and have been working with manufacturers to develop fixes ever since. 

MacBooks and other Apple computers running at least macOS 10.12.4 should be partially protected from the bug and newer updates should provide even better protection. Meanwhile, Windows 10 version 1803 provides firmware level protection for devices.

The best way to protect yourself from being Thunderclap-ped is to immediately update any computers you have with the latest version of their respective operating systems. Users who want that extra layer of protection can also disable Thunderbolt protocols in your computer's BIOS or UEFI settings.

For the most part, this probably won’t be a vulnerability that will affect most users as it can only be introduced directly through a device’s Thunderbolt port. Most users should be safe just by being vigilant about what they plug into their devices. 

Via The Verge

https://ift.tt/2VuWnU3

No comments:

Post a Comment