Deep Dive

Certain firmware responsible for managing discrete hardware components has been getting increasingly complex and is subject to vulnerabilities and exploits. The worst thing is, that in many cases existing threat detection systems are impotent.

To cast some light onto this alarming trend, let's review one by one the top 5 dangerous hardware vulnerabilities that have recently been found in today's PCs. Today we bring you the fourth installment:

#4: the Thunderbolt interface

#4 in our chart is another port-specific vulnerability, targeting Thunderbolt. As it happens, connecting a device via Thunderbolt may also be dangerous. A respective PoC which targeted Mac OS X products was demonstrated by a security researcher Tremmel Hudson at the end of last year.

Hudson created the first-ever bootkit targeting Apple's OS, Thunderstrike, which leverages auxiliary modules boot from external devices connected by Thunderbolt. As soon as it is accomplished, the attacker can do anything to the affected PC.

As soon as Hudson's research went live, Apple mitigated the risk of such an attack in the next OS update (OS X 10.10.2). However, according to Hudson, the patch is a temporary measure. The undermining principle of the vulnerability remains the same, so this is definitely a 'to-be-continued' story.