Thunderclap threatens to infect your pc through thunderbolt peripherals

A new security vulnerability called Thunderclap seriously compromises the security of computers with USB-C Thunderbolt ports, or those computers with Thunderbolt 3 ports (40 Gbps).

A vulnerability affects all computers with a Thunderbolt connection

This means that the vulnerability is affecting almost every MacBook released in the past two years, Macs and PCs with Thunderbolt 3 adapters. The Department of Informatics and Technology at Cambridge University, Rice University and SRI International say that this vulnerability uses a method for Thunderbolt devices to bypass the IOMMU (I / O Memory Management Unit) of the host PC, and read your main memory through the DMA.

An IOMMU translates the address spaces between the devices and the main memory, and thus protects the content of the memory that is being read by almost any device. The group has detailed possible ways to mitigate this vulnerability and has sent these 'methods' to Apple, Intel and Microsoft. At the moment there is no patch that fixes this problem in a public way, except disabling the Thunderbolt controller through the motherboard BIOS.

Thunderbolt 3 is a type of connection that is much more widespread on Mac computers and that can offer a bandwidth of 40Gbps. This facilitates data transmission at unusual speeds and it is even possible to connect external graphics cards thanks to the connector.

We will keep you informed regarding the Thunderclap vulnerability and if any patch will be released that can fix it for all systems.