It should be noted that if a hacker is able to exploit this, they’d need a lot of access and you’d already be boned. This is no where as bad as what Intel is going through right now.
Saying that you have to “basically throw away your computer” is very misleading to say especially in a subtitle, when that exact thing is actually what is happening with Intel CPUs.
It’s an exploit path to a UEFI bootkit, so at the very least you’d have to throw your motherboard away or find someone that can physically overwrite it through an external flash programmer or something. And the patch should be delivered through a UEFI firmware update, so if your motherboard is no longer supported you would have to buy a new one. And for laptops and embedded devices having everything soldered in, the motherboard is basically the whole computer, so I don’t think it’s that much of an exaggeration.
I guess it’s true that if you have ring 0 access you’re boned, bug if your ring 0 access gets upgraded into ring -2 access you are even more boned. They put those security boundaries in place for a reason after all.
After reading that whole article I feel no more enlightened.
They mentioned secure boot, is secure boot part of the exploit or does the exploit invalidate secure boot?
Man Intel really is paying off a lot of journalists to smear AMD while they are dealing with their rotting chips right now
