Thunderclap Vulnerabilities Allow Attacks Using Thunderbolt Peripherals

  • 0 Replies
  • 117 Views
*

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • 10671
Modern computers that come with a Thunderbolt interface and run Windows, macOS, Linux, or FreeBSD are vulnerable to a range of Direct Memory Access (DMA) attacks performed by potential attackers with physical access to the device using malicious peripherals.

The security flaws collectively dubbed "Thunderclap" can be exploited to run arbitrary code using highest possible privilege level on the system to potentially access or steal "passwords, banking logins, encryption keys, private files, browsing," and other sensitive data present on machine that come with ports for peripherals that use PCI Express (PCIe) and USB-C ports.

https://www.bleepingcomputer.com/news/security/thunderclap-vulnerabilities-allow-attacks-using-thunderbolt-peripherals/


Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-