Intel and Lenovo have restricted access to debugging interface of CPUs

News by Roi Perez

Intel and Lenovo have released recommendations that help restrict access to the debugging interface of processors which can be used for cyber-attacks.

Back in January, researchers from Positive Technologies revealed that some new Intel CPUs contain a debugging interface, accessible via USB 3.0 ports, that can be used to obtain full control over a system and perform attacks that are undetectable by current security tools.

Positive Technologies' researchers Maxim Goryachiy and Mark Ermolov explained that modern Intel processors allow usage of the debugging interface via a USB 3.0 port available on many platforms to gain full control over the system. Modern security systems cannot detect such attacks.

Intel has since officially acknowledged this vulnerability and released a BIOS update that blocks access to the debugging interface via USB 3.0 port. It also thanked Positive Technologies' experts Maxim Goryachiy and Mark Ermolov for raising the issue.

In addition, a special security bulletin was published by Lenovo, one of the main equipment manufacturers that uses Intel processors. Several other major vendors have not yet issued recommendations for blocking the attack.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews