Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

“The vulnerability was discovered on two Lenovo ThinkPad laptops but Phoenix Technologies has confirmed that it affects multiple versions of its SecureCore firmware, running on various Intel processor families: Alder Lake, Coffee Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake, and Tiger Lake. You can be sure that Lenovo’s laptops are not the only vulnerable computers our there.

Phoenix has implemented mitigations in its UEFI earlier this year, and Lenovo has pushed out BIOS updates for its affected devices. Other vendors are sure to follow in their footsteps – if they haven’t already. Users are advised to check vendor websites for the latest firmware updates.

There is currently no mention of in-the-wild exploitation. In truth, widespread exploitation exploitation may be difficult. “The possibility of exploitation depends on the configuration and permission assigned to the TCG2_CONFIGURATION variable, which could be different for every platform,” according to the researchers.”

Source: https://www.bleepingcomputer.com/ne...rability-impacts-hundreds-of-intel-pc-models/
 
Firmware flaw affects numerous generations of Intel CPUs — UEFI code execution vulnerability found for Intel CPUs from 14th Gen Raptor Lake to 6th Gen Skylake CPUs, and TPM will not save you​


https://www.tomshardware.com/pc-com...-14th-gen-raptor-lake-to-6th-gen-skylake-cpus
 
Phoenix Firmware issue, not an Intel cpu issue.

ASUS uses AMI bios on my Intel mobo. Not affected.
 
Microsoft seems to be plowing along with transitioning everything to memory safe languages in this space.

https://techcommunity.microsoft.com...ecurity-amp-device-management-to/ba-p/4159998

This class of bug should be impossible in safe Rust.
Impressive, at least to me.

So how long until Surface laptops with this protection are available? Can existing Surface laptops be upgraded? (How will know that the upgrade is safe and not malware?)

Lenovo? Other vendors? How can they respond?
 
You cannot implement an OS kernel or hardware firmware without the "unsafe" keyword in some of your Rust code, so it is not impossible by far.

But the situation should be much better than in C.
 
I think it’s cool that the exploit itself was discovered by an AI system designed to find exploits.
 
Of course, and protections also don't stop at what the compiler catches.

https://eclypsium.com/blog/ueficanh...nerability-in-popular-pc-and-server-firmware/

Looking it over, at a glance, it seems like it would have been caught at runtime by the runtime bounds check.

I'll take a bug that panics over memory corruption
 
