Abaphandi abavela kwi-Positive Technologies
Ubuthathaka bubangelwa yi-bug kwi-hardware kunye ne-Intel CSME firmware, ebekwe kwi-ROM ye-boot, ethintela ingxaki ukuba ilungiswe kwizixhobo esele zisetyenziswa. Ngenxa yobukho befestile ngexesha lokuqalisa kwakhona kwe-Intel CSME (umzekelo, xa uphinda uqalisa imo yokulala), ngokusebenzisa i-DMA manipulation kunokwenzeka ukuba ubhale idatha kwi-Intel CSME memory static kwaye uguqule esele iqalisiwe i-Intel CSME yephepha leetafile zememori ukuthintela ukubulawa, fumana iqhosha leqonga, kwaye ufumane ulawulo phezu kokuveliswa kwezitshixo zofihlo kwiimodyuli ze-Intel CSME. Iinkcukacha zokusetyenziswa kobuthathaka zicwangciswe ukuba zipapashwe kamva.
Ukongeza ekukhupheni isitshixo, impazamo ikwavumela ukuba ikhowudi iqhutywe kwinqanaba lelungelo elikhethekileyo
Iziphumo ezinokwenzeka zokufumana iqhosha lengcambu yeqonga libandakanya inkxaso ye-firmware ye-Intel CSME components, ukuthotyelwa kweenkqubo zokufihla imidiya esekwe kwi-Intel CSME, kunye nokuba nokwenzeka kokwenza izihlonzi ze-EPID (
Kuqatshelwe ukuba iqhosha lengcambu leqonga ligcinwe kwifom efihliweyo kwaye ukwenzela ukulungelelaniswa okupheleleyo kuyafuneka ukongezelela ukugqiba isitshixo se-hardware esigcinwe kwi-SKS (Khusela ukugcinwa kweSitshixo). Isitshixo esichaziweyo asifani kwaye siyafana kwisizukulwana ngasinye se-Intel chipsets. Kuba i-bug ivumela ikhowudi ukuba iqhutywe kwinqanaba phambi kokuba indlela yokuvelisa engundoqo kwi-SKS ivaliwe, kuqikelelwa ukuba kungekudala okanye kamva eli qhosha le-hardware liya kumiselwa.
umthombo: opennet.ru