There are 16 new BIOS Firmware Vulnerabilities listed by Intel.
Click here to post a comment for There are 16 new BIOS Firmware Vulnerabilities listed by Intel. on our message forum
anticupidon
One has bigger problems if the attacker gains physical access to a machine.
Even so, it's the status quo in the security area, each day brings another vulnerability and so on.
I uses to mock Intel about their track of vulnerabilities and the way they handled those. But I've seen worse, so that's that.
They have more visibility, thus more voices and concerns over the vulnerabilities.
But every major company and manufacturer have their treasure trove of vulnerabilities.
Venix
Required physical access = no worries for us .
schmidtbag
Agreed. I'm growing rather bored of such "vulnerabilities". Once you have physical access, the list of vulnerabilities never really ends. So, articles like this is basically saying "here's another country where the sky is blue".
Erick
Well if you have another situation where the Capitol is stormed and laptops are physically stolen, anything is possible. Who has Intel AMT installed? You can remote into the BIOS with that software, so physical security is not the only attack vector out there for UEFI/BIOS. Who has a BIOS password set on their home computers? Nobody. It's communicating directly with the operating system now.
tunejunky
yes, but none as profligate as Intel.
granted there are more Win machines with Intel than AMD and Apple combined. but AMD and Apple do a very good job of limiting exploits AND Intel does a very poor job of the same.
TheDeeGee
No one get's physical access to my PC, i protect it with my life.
TLD LARS
This is a bit funny, just a couple of weeks after the Intel CEO said that AMD had more vulnerabilities then Intel.
I am generally not bothered by physical access vulnerabilities, but I am sure the bios updates are going to fuck up a couple of company laptops.
Reddoguk
There is also AMD bios vulnerabilities so they're both are as bad as each other.
AMD reports -
• Major vulnerabilities updates, customers are strongly encouraged to update to this release at the earliest.
Credits to "Assaf Carlsbad and Itai Liba from SentinelOne"
• Introduce capsule BIOS support starting this version.
Ghosty
BIOS updates are released by the mobo manufacturer.
alanm
Come on, this is ridiculous. No different than saying your entire PC can blow up. Requires physical access.
Aura89
Do you...never leave the house? Leave the room it is in?
Not saying you should worry about this vulnerability, just your statement is...odd
tunejunky
why yes it does.
as a person who's had their laptop stolen "physical access" is something i care about. yes it was PW'd up the wazoo, but a bios exploit would bypass any pw or fingerprint.
and as i and my company store proprietary and confidential info (which is highly valuable to the right person) i care about it.
for a tower pc it's a bit different as mine weighs 20 kilos.
Astyanax
lmao, a bios exploit is nothing, unless you encrypted your shit they can just change the on screen keyboard exe with the cmd prompt and assume administrator priviledges on the login screen, and all you need is a repair mode iso for that.
Airbud
If you touch my PC I will shoot you...if you stick a thumb drive in it from your pocket I will shoot you twice!
Nuff Said.
