Categories
Technology

Thunderstrike2 Details Revealed

An anonymous reader writes: Prior to DefCon and BlackHat, we learned that Trammell Hudson had developed a firmware worm for Apple machines that could spread over Thunderbolt hardware accessories. Now that both conferences have finished, Hudson has published slides and an annotated transcript detailing how the worm works. A brief quote: “Thunderstrike 2 takes advantage of four older, previously disclosed vulnerabilities. These had all been known and fixed on other platforms, but not on Apple’s MacBooks. … Speed Racer (Incorrect BIOS_CNTL configuration, 2014, VU#766164), Darth Venamis (S3 boot script injection, 2014, VU#976132) Snorlax (Flash configuration is not set after S3 sleep, 2013 VU#577140) and PrinceHarming (2015) Unsigned Option ROMs (2007, 2012). … While we’re looking at Apple specifically in this research, the overall message is that many vendors are not keeping up to date and are not responding to CERT, especially if it requires effort to port or test vulnerabilities from other vendor platforms.”


Codice amico Very Mobile Diagonal Media Digital Marketing