Intel releases a patch for a severe bug that exposes the CPU key

Researchers have found a way to obtain the "fuse encryption key" that is unique to each affected CPU. Many abuses are possible, including defeating the protections provided by Bitlocker, trusted platform modules, anti-copying restrictions, and more.

The vulnerability, present in Pentium, Celeron, and Atom processors on the Apollo Lake, Gemini Lake, and Gemini Lake Refresh platforms, allows skilled hackers in possession of an affected chip to run it in the debug and test modes used by firmware developers. Intel and other chipmakers go to great lengths to prevent such access by unauthorized people.

Once in developer mode, an attacker can extract the key used to encrypt the data stored in the TPM and, when the TPM is used to store the Bitlocker key, defeat that second protection as well. The adversary can also bypass the code-signing restrictions that prevent unauthorized firmware from running in the Intel Management Engine, a subsystem inside the vulnerable CPUs, and from there permanently backdoor the chip.

Key Cloning

Each Intel CPU has a unique key that is used to generate follow-on keys for things like Intel's TPM, Enhanced Privacy ID, and other protections that rely on features built into Intel silicon. This unique key is known as the "fuse encryption key" or "chipset key fuse", as labelled in the following Intel diagram:

[Intel diagram: the chipset key fuse and the keys derived from it]
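The key hierarchy described above is what makes a single extracted fuse key so damaging: every follow-on key is a deterministic function of it, so whoever holds the root can recompute them all. The following is an added example, written for this page and not code from Intel or from the researchers, that models such a hierarchy in miniature. It uses HKDF-SHA256 to derive purpose-specific keys (labelled "PTT" and "EPID" here purely for illustration), seals a constructed Bitlocker-style volume key under the TPM-side key, and shows that a sibling key cannot open it while the root key can. The salt, the labels, the sample key bytes, and the HMAC-based stream cipher standing in for a real AEAD are all assumptions of this example, not Intel's actual derivation or sealing format.

```python
import hashlib
import hmac
import os

# Constructed sample values (not real Intel key material): a 256-bit
# per-chip root key standing in for the fuse encryption key, and a
# volume key of the kind a disk encryptor would seal under the TPM.
FUSE_KEY = hashlib.sha256(b"constructed example: chipset key fuse").digest()
VOLUME_KEY = hashlib.sha256(b"constructed example: bitlocker volume key").digest()

# Assumed domain-separation salt for this toy hierarchy (not Intel's).
HIERARCHY_SALT = b"example-key-hierarchy-v1"


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-SHA256: extract a PRK from the input key, then expand
    it into `length` bytes bound to the `info` label."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_subkey(root_key: bytes, purpose: bytes) -> bytes:
    """Follow-on key for one purpose (e.g. b"PTT" or b"EPID"). Different
    labels yield unrelated keys, and no subkey reveals the root."""
    return hkdf_sha256(root_key, HIERARCHY_SALT, b"subkey:" + purpose)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for a real AEAD cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under `key`; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes):
    """Inverse of seal(); returns None if the tag does not verify."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def recover_with_fuse_key(leaked_fuse_key: bytes, sealed_blob: bytes):
    """What an attacker holding the per-chip root key can do: re-derive the
    TPM-side key and unseal the volume key exactly as the platform would."""
    return unseal(derive_subkey(leaked_fuse_key, b"PTT"), sealed_blob)


def demo() -> dict:
    """Run the whole scenario and report each property as a boolean."""
    ptt_key = derive_subkey(FUSE_KEY, b"PTT")
    epid_key = derive_subkey(FUSE_KEY, b"EPID")
    sealed = seal(ptt_key, VOLUME_KEY)
    return {
        "subkeys_independent": ptt_key != epid_key,
        "platform_unseals": unseal(ptt_key, sealed) == VOLUME_KEY,
        "sibling_key_fails": unseal(epid_key, sealed) is None,
        "fuse_key_recovers": recover_with_fuse_key(FUSE_KEY, sealed) == VOLUME_KEY,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The point of the design is the asymmetry: domain-separated derivation means one leaked subkey stays contained, but nothing in the hierarchy can contain a leaked root, which is why the fuse key must never be readable from a debug or test mode.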

Maxim Goryachy, one of the researchers who discovered the vulnerability, told me: "We found out that you can extract this key from security fuses. Basically, this key is encrypted, but we also found a way to decrypt it, and it allows us to execute arbitrary code inside the management engine, extract bitlocker/tpm keys, etc."

A blog post published on Monday expands on the ways hackers might use the exploit. Mark Ermolov, another of the researchers who discovered the vulnerability, wrote: "One example of a real threat is the loss or theft of laptops containing confidential information in encrypted form. Using this vulnerability, an attacker can extract the encryption key and gain access to the information inside the laptop. The bug can also be exploited in targeted attacks across the supply chain. For example, an employee of an Intel-based hardware vendor could, in theory, extract the key to the Intel CSME [Converged Security and Management Engine] firmware and deploy spyware that security software would not detect. The vulnerability is also dangerous because it facilitates extraction of the root encryption key used in Intel PTT (Platform Trust Technology) and Intel EPID (Enhanced Privacy ID) technologies in systems that protect digital content from illegal copying. For example, a number of Amazon e-book models use Intel EPID-based protection for digital rights management. Using this vulnerability, an attacker could extract the root EPID key from a device (e-book) and then, having compromised Intel EPID technology, download electronic content from providers as files, copy it, and distribute it."

Over the past few years, researchers have exploited a range of firmware and performance features in Intel products to defeat the fundamental security guarantees the company makes about its processors. In October 2020, the same team of researchers extracted the secret key that encrypts microcode updates for an assortment of Intel CPUs. Having a decrypted copy of an update could allow hackers to reverse engineer it and learn precisely how to exploit the hole it patches. The key may also allow parties other than Intel, such as a malicious hacker or a hobbyist, to update chips with their own microcode, although that custom version would not survive a reboot.

In the past two years, researchers have also uncovered at least four vulnerabilities in SGX, short for Software Guard Extensions, which acts as an on-silicon digital vault for securing users' most sensitive secrets.

Intel added these features as a way to differentiate its CPUs from the competition. Concerns about cost, performance overhead, and the unreliability of the features have led Google and many other organizations to look for alternatives when building trusted computing bases to secure sensitive data.

Kenn White, a security researcher, wrote in an email: "Intel's track record of delivering a trusted computing base, particularly around ME [Management Engine], is disappointing, and that's being charitable. It further validates the decision that Google and other big tech companies made over the past five years to phase out Intel's built-in management stack in favor of purpose-built TCB services. When you don't have complex third-party systems to maintain and power, you get the added benefit of not having debug paths for an attacker to exploit that complexity."

These flaws come on top of a continuous torrent of attack classes known as Spectre and Meltdown. Both classes exploit performance enhancements known as speculative execution to let hackers access passwords, encryption keys, and other data that is supposed to be off limits. The bugs affect many chipmakers, with Intel particularly hard hit by Spectre and Meltdown because many of its chips rely more heavily on speculative execution than competing chips do.

Intel recently released an advisory that assesses the vulnerability's severity. Fixes are provided in a UEFI BIOS update available from OEMs or motherboard manufacturers. There is no evidence that the bug, tracked as CVE-2021-0146, has been exploited in the wild. By its very nature, the difficulty of doing so puts it out of reach of all but the most skilled hackers.

"Users should keep their systems up to date with the latest firmware and operating systems," Intel officials said in a statement, adding that systems on which the original equipment manufacturer has enabled Intel Firmware Version Control Technology are protected. The vulnerability is unlikely to be used in indiscriminate attacks, but at least in theory it could be used in cases where adversaries with significant resources are pursuing high-value targets. Install the update on affected devices, but don't worry if you can't get to it for a week or two.
