Written byShubham Sharma
The issue is said to be affecting millions of Windows and Linux PCs manufactured before 2019. It can reportedly be used by hackers to break into your system and steal all its data in a matter of minutes.
Here's all you need to know about it.
As revealed by security researcher Björn Ruytenberg, a hacker having physical access to your old Thunderbolt-equipped machine could use a technique called 'Thunderspy' and gain access to the machine's data, Wired reported.
The method, the researcher explained, works even when the device in question is locked with a password, its hard disk data is encrypted, and the Thunderbolt port access is disabled.
According to the researcher, to carry out a Thunderspy attack on a vulnerable PC, a hacker just "needs to do is unscrew the backplate, attach a device momentarily, reprogram the firmware [controlling the Thunderbolt port], reattach the backplate."
The reprogrammed firmware would let the hacker change Thunderbolt port settings and open the way for any malicious peripheral device to access it.
Ruytenberg says the hardware for rewriting the Thunderbolt controller's firmware and overriding its security mechanisms comes at just $400 and could be miniaturized pretty easily in the future.
It gives "full access to the laptop," he said, adding that the entire attack could be wrapped up in less than 5 minutes, without leaving a trace behind.
The vulnerability was disclosed to Intel in February, following which the company issued a statement clarifying that it has created a Thunderbolt security system called Kernel Direct Memory Access Protection to prevent Thunderspy attacks.
However, the thing is, these protections are only available with select notebooks launched in 2019 or later. Older notebooks, including some newer ones from HP, Dell, Lenovo, are still unprotected.
That said, to stay protected, you need to make sure if your notebook has Intel's Thunderbolt protection or not.
If yes, you are good to go. But, in case the security protections are not there, you need to be careful while using the Thunderbolt port. This means you should make sure that it is only used with trusted devices.
Meanwhile, Intel says the researchers didn't demonstrate an attack on PCs with its latest mitigation. "Please check with your system manufacturer to determine if your system has these mitigations incorporated. For all systems, we recommend following standard security practices, including the use of trusted peripherals."
Love Science news?
Subscribe to stay updated.