Intel skylake and kaby lake are vulnerable to usb exploits
Table of contents:
Recent research by Positive Technologies has questioned the security of computing equipment based on the Intel Skylake and Kaby Lake processors, specifically the problem affects debugging processing based on the USB 3.0 interface.
Serious vulnerability in Skylake and Kaby Lake
This discovered vulnerability allows to ignore the typical security mechanisms and could be used to corrupt and even subvert a user's system, we point out that it allows you to skip the security measures implemented in both hardware and software. The vulnerability in the debug interface allows the installation of malware and even the rewriting of system firmware and BIOS. Current security tools do not allow the exploit to be detected and can be used on computers with any operating system.
We recommend our guide to the best processors on the market.
In pre-Skylake processors a Special device connected to the debug port of the motherboard (ITP-XDP), something that was not easily accessible since not everyone had the necessary connections. With the arrival of Skylake this has changed with the introduction of a direct connect interface (DCI) that relies on USB 3.0 ports to provide connection to the JTAG debug interface, a much simpler solution than previously used.
In order to exploit the vulnerability, it is only necessary that the DCI interface is enabled, something that comes standard on some systems and otherwise it is very easy to enable it. Fortunately , physical access to the machine and its USB 3.0 ports is required, so it is not particularly worrying for ordinary users, a situation contrary to servers and workplaces. The problem has already been reported to Intel although for the moment there is no solution.
youtu.be/QuuTLkZFsug
Source: techpowerup
Intel unveils details on intel x299 hedt skylake x, kaby lake x and coffee lake s platforms
Finally all the details of the Intel X299 platform with support for the Skylake X and Kaby Lake X processors have come to light.
Intel released coffee lake knowing it is vulnerable to specter and meltdown
Intel was fully aware of the vulnerabilities in its Coffee Lake processors at the time it was released.
Intel coffee lake pin configuration is different from kaby lake and skylake
Intel Coffee Lake processors bring a different pin configuration than Kaby Lake and Skylake on the LGA 1151 socket.