CVE-2018-6622: TPM Chips Can Be Hijacked by Hackers

TPM chips used in computers of various types have been found to be vulnerable to two new attack types. These hardware components are part of motherboards used in various industries and case scenarios. New security research shows that malicious actors can potentially tamper with the configuration process.

TPM Chips Vulnerabilities Can Manipulate the Configuration Settings of Computers

A new dangerous vulnerability has been identified in the TPM chip used in a wide variety of computers. Their long names mean “Trusted Platform Module” and represent special microcrontrollers that are used in hardware authentication checks. This is an important security operation that makes sure that the specified device possesses the correct identify in order to run the installed operating system. While this is not mandatory with personal computers belonging to ordinary users, it is an important procedure with government or business systems that control important infrastructure. Dedicated specifications oversee the TPM chip procedures.

Recently security researchers from South Korea identified two TPM chip attacks that result in the discovery of a specific vulnerability. They allow a malicious user to tamper with the boot configuration thereby allowing for dangerous conditions to take place. Modifications can modify the boot order by running the first boot device from a removable device which can launch a hostile operating system.

The first attack acts against devices employing a TMP chip set as a static root of trust for measurement (SRTM). The hacker tactic is to abuse power interrupts which can trick the components into running non-secure variables. According to the researchers this is a specification fault. As a result of this the criminals can effectively bypass the placed security measures. A solution is a hardware patch that will remedy the BIOS/UEFI configuration options allowing this.

The (Read more…)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Martin Beltov. Read the original post at: