Intel Skylake and Kaby Lake systems are vulnerable to a USB debugging exploit

Simon Belmont · 11 Jan 2017 at 20:45

Hope this gets sorted quickly?

https://www.overclock3d.net/news/cp...s_are_vulnerable_to_a_usb_debugging_exploit/1

mattyfez · 11 Jan 2017 at 22:03

Looks like you need physical access to the PC to use the exploit? Meh.

Disco_P · 11 Jan 2017 at 23:49

Seems it only affects U CPUs on certain motherboards with physical access to the machine.

I honestly couldn't worry less.

Quartz · 12 Jan 2017 at 00:16

Infected USB sticks are not new.

Harlequin · 12 Jan 2017 at 12:41

Intel's new CPUs flawed: full system control over USB

Intel's new CPUs flawed: full system control over USB

Positive Technologies, a security vendor, has discovered that some of Intel's new CPUs have a debugging interface that can be accessed through USB 3.0 ports. This provides the hacker - and at the point of using as USB flash drive, any person in the world that can hold a USB stick in their hands - full control over the PC. Worse yet, it is completely undetectable by current security tools.

Read more: http://www.tweaktown.com/news/55828...ll-system-control-over-usb/index.html[/quote]

this includes kaby lake as well

Silent_Scone · 12 Jan 2017 at 12:54

Repost.

Legend · 12 Jan 2017 at 12:55

This already came up... requires physical access to a USB port. So be extra vigilant of anyone knocking at your door who is in possession of any kind of USB device and requesting access to your PC. I know it's the done thing and only polite to allow such people access in to your home, but PLEASE try and keep them away from your PC, no matter how nicely they ask.

gbgt2 · 12 Jan 2017 at 14:29

Doesn't necessarily require physical access when most people don't disable autorun and pick up random USB keys they find on the ground ..

HeX · 12 Jan 2017 at 15:00

Plus I assume it's more of a risk for businesses where laptops/pc's are left unattended all the time.

Ayahuasca · 12 Jan 2017 at 15:07

Not an issue for home users really but a nightmare for anyone on the move and businesses.

MrYiff · 12 Jan 2017 at 15:46

gbgt2 said:
Doesn't necessarily require physical access when most people don't disable autorun and pick up random USB keys they find on the ground ..

Pretty sure autorun has been disabled by default for a number of years now (one of the XP service packs I think?)

mmj_uk · 12 Jan 2017 at 16:08

This is why Intel's mainstream (mobile) platform is generations ahead of the enthusiast (servers) platform, it's just a testing ground because bugs like this aren't really as critical.

morta · 12 Jan 2017 at 16:16

lol seriously.people knocking at my door requesting access to my pc? haha thats funny. well il be sure to know if that dose happen il know straight away its a scam since thats never happend before.

gbgt2 · 12 Jan 2017 at 16:19

MrYiff said:
Pretty sure autorun has been disabled by default for a number of years now (one of the XP service packs I think?)

Actually yes you are right. However I think there are potential ways around that (for example reprogramming a USB drive to act as a HID, or Stuxnet used a zero-day vulnerability in LNK files)

Demo · 12 Jan 2017 at 22:48

gbgt2 said:
Doesn't necessarily require physical access when most people don't disable autorun and pick up random USB keys they find on the ground ..

So true, I couldn't get the bins out yesterday due to the pile of wind-blown USB sticks piled up against my garden gate.

eddiew · 13 Jan 2017 at 10:59

1) Get a cleaning job in a large office building with many small companies that have poor IT security.

2) Insert USB stick into unattended desktops at 7am.

3) ???

4) Profit!

...meant that to be funny, realised it's entirely possible to do. Let's hope this issue goes away before the average small company buys new hardware :/

Scougar · 13 Jan 2017 at 13:46

Go for an interview with false credentials. Insert USB stick that identifies itself as a keyboard and you are good to go. You don't need a new USB exploit to get going, one already exists thanks to how keyboards are seen by the computer.

Mercutio · 17 Jan 2017 at 12:50

gbgt2 said:
Doesn't necessarily require physical access when most people don't disable autorun and pick up random USB keys they find on the ground ..

I can count on no hands the amount of random USB keys I've found on the ground

Quartz · 17 Jan 2017 at 13:42

Legend said:
This already came up... requires physical access to a USB port.

This is a real problem when the person inserting the device is you. The device doesn't have to be a memory stick. It could be a mouse or a wifi adapter or anything. It might even be what looks like a USB cable. If you're a business, how are you going to respond to a package containing free product samples? "We are announcing our new range of multicoloured USB cables. Please find enclosed a sample of our range from 0.5 to 3 metres. All cable lengths are available in all colours; custom colours available on request..." Just as data centres colour code network cables, so I've known organisations that would love to colour code USB connections. Plug in and it's too late.