Microsoft koom tes nrog Intel, Qualcomm thiab AMD mobile systems nrog kho vajtse tiv thaiv tawm tsam ntawm firmware. Lub tuam txhab raug yuam kom tsim xws li kev suav platforms los ntawm kev tawm tsam ntau ntxiv rau cov neeg siv los ntawm lub npe hu ua "dawb kaus mom hackers" - pab pawg ntawm cov kws tshaj lij nyiag nkas subordinate rau tsoomfwv cov koomhaum. Tshwj xeeb, ESET cov kws paub txog kev ruaj ntseg ntaus nqi zoo li no rau ib pawg ntawm Lavxias teb sab hackers APT28 (Fancy Xyooj). Pab pawg APT28 tau liam tias tau sim software uas ua haujlwm tsis zoo thaum thauj khoom firmware los ntawm BIOS.
Ua ke, Microsoft cybersecurity cov kws tshaj lij thiab cov neeg tsim khoom tsim tau nthuav tawm cov kev daws teeb meem silicon hauv daim ntawv kho vajtse ntawm kev ntseeg siab. Lub tuam txhab hu ua xws li PCs Secured-core PC (PC nrog cov tub ntxhais ruaj ntseg). Tam sim no, Secured-core PCs suav nrog ntau lub laptops los ntawm Dell, Lenovo thiab Panasonic thiab Microsoft Surface Pro X ntsiav tshuaj Cov no thiab cov PCs yav tom ntej uas muaj kev ruaj ntseg yuav tsum muab rau cov neeg siv kev ntseeg siab tias txhua qhov kev suav yuav ntseeg tau thiab yuav tsis ua rau. data compromise.
Txog tam sim no, qhov teeb meem nrog rugged PCs yog tias firmware microcode tau tsim los ntawm motherboard thiab system OEMs. Qhov tseeb, nws yog qhov txuas tsis muaj zog tshaj plaws hauv Microsoft cov khoom siv. Xbox gaming console, piv txwv li, tau ua haujlwm raws li Secured-core platform rau xyoo, txij li kev ruaj ntseg ntawm lub platform ntawm txhua qib - los ntawm kho vajtse mus rau software - yog saib xyuas los ntawm Microsoft nws tus kheej. Qhov no tsis tau nrog PC txog tam sim no.
Microsoft tau txiav txim siab yooj yim kom tshem tawm cov firmware los ntawm cov npe sau nyiaj thaum lub sijhawm ua pov thawj thawj zaug ntawm tus kws lij choj. Ntau precisely, lawv outsourced cov txheej txheem pov thawj mus rau lub processor thiab ib tug tshwj xeeb nti. Qhov no zoo nkaus li siv tus yuam sij kho vajtse uas tau sau rau lub processor thaum tsim khoom. Thaum lub firmware loaded rau lub PC, lub processor xyuas nws rau kev ruaj ntseg thiab seb nws puas ntseeg tau. Yog tias tus processor tsis tiv thaiv lub firmware los ntawm kev thauj khoom (nws lees txais nws raws li kev ntseeg siab), kev tswj hwm lub PC raug xa mus rau qhov kev ua haujlwm. Lub kaw lus pib xav txog lub platform uas ntseeg siab, thiab tsuas yog tom qab ntawd, dhau los ntawm Windows Hello txheej txheem, tso cai rau tus neeg siv nkag mus rau nws, kuj tseem muab kev nkag mus ruaj ntseg, tab sis nyob rau theem siab tshaj.
Ntxiv nrog rau cov processor, System Guard Secure Launch nti thiab cov haujlwm ua haujlwm loader tau koom nrog hauv kev tiv thaiv kho vajtse ntawm lub hauv paus ntawm kev ntseeg siab (thiab firmware kev ncaj ncees). Cov txheej txheem tseem suav nrog cov thev naus laus zis virtualization, uas cais lub cim xeeb hauv kev ua haujlwm los tiv thaiv kev tawm tsam ntawm OS kernel thiab cov ntawv thov. Tag nrho cov kev nyuaj no yog npaj los tiv thaiv, ua ntej ntawm tag nrho cov, cov neeg siv, tab sis sai los yog tom qab ib yam dab tsi zoo sib xws tej zaum yuav tshwm sim nyob rau hauv cov neeg siv khoom PCs.
Tau qhov twg los: 3d xov.ru