Intel Platform Vulnerability Lets Malware Erase or Block UEFI Firmware Updates

A new Intel platform vulnerability emerged, chronicled by the company under CVE-2017-5703, dated April 3, which could let malware erase your motherboard UEFI BIOS, or render the EEPROM chip storing it “read-only” forever, preventing future BIOS updates, exploiting vulnerabilities in Intel’s implementation of the SPI (serial peripheral interface) on its platforms. The vulnerability affects all Intel processors dating all the way back to 5th generation “Broadwell.” The company quietly passed on fixes to its OEM partners to release as BIOS updates.

The vulnerability came to light in the public as Lenovo, Intel’s largest OEM partner, deployed BIOS updates for its vulnerable products, while detailing it. Lenovo describes the vulnerability as “the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware.” It goes on to add that “this would most likely result in a visible malfunction, but could in rare circumstances result in arbitrary code execution.” Intel said it discovered the vulnerability internally and hasn’t noticed any exploits in the wild that take advantage of it. “Issue is root-caused, and the mitigation is known and available,” the company said in a security advisory. “To Intel’s knowledge, the issue has not been seen externally.”

Loading...