April 15, 2018 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/LMMRQa0gftY/intel-spi-flash-flaw-lets-attackers-alter-or-delete-biosuefi-firmware
Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware
Catalin Cimpanu, writing for BleepingComputer: Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip's SPI Flash memory -- a mandatory component used during the boot-up process [1, 2, 3]. According to Lenovo, who recently deployed the Intel fixes, "the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware." Lenovo engineers say "this would most likely result in a visible malfunction, but could in rare circumstances result in arbitrary code execution."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/LMMRQa0gftY/intel-spi-flash-flaw-lets-attackers-alter-or-delete-biosuefi-firmware
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot