Thunderbolt Vulnerability Could Allow Hackers Access

By Published On: April 29, 2022

A new vulnerability was revealed to the world at the 2019 NDSS security conference. It’s a grim one with the potential to impact FreeBSD, Linux, Windows, and Mac systems worldwide.

Dubbed ‘Thunderclap,’ the flaw can be exploited to impact the way that Thunderbolt-based peripherals connect and interact with a target system.

If you’re not familiar with Thunderbolt, it’s a hardware interface jointly designed by Intel and Apple that allows users to connect peripherals like chargers, keyboards, and video projectors (and the like) to computers.  The interface was originally available only in the Apple ecosystem, but subsequent generations of Thunderbolt expanded its reach.  These days, Thunderbolt has hooks in every major OS in use today.

At a high level, Thunderclap is nothing more than a union of various security flaws found in the interface.  The main flaw stems from the fact that OS’s tend to implicitly trust any newly connected device, granting it access to all system memory.  A hacker attacking a system using this exploit can even bypass a system’s IOMMU (Input-Output Memory Management Unit), which is specifically designed to counter such threats.

Research conducted jointly at the University of Cambridge, SRI International, and Rice University discovered Thunderclap in late 2016. They have been quietly sounding the alarm since.  Unfortunately, the companies that design and sell operating systems have been slow to act, in a classic case of passing the buck.  The most common reason for failing to act is that the OS vendors say the responsibility lies on the peripheral side and vice versa.

The issue is finally getting the attention it deserves, but to date, none of the OS development companies have published a timeframe for when they’ll be issuing a patch to cover the security flaw.  Until that happens, the best thing you can do is disable Thunderbolt ports via your system’s BIOS.

Used with permission from Article Aggregator

Bill Hogan - Partners Plus, Managed IT Services and IT Support

Bill Hogan is the Owner and President of Partners Plus. He has 40 years of experience in the technology industry, specifically IT support services. Bill has spoken at seminars all over the country about network management. Partners Plus was selected by PHL17 as the best Computer and Information Technology Support Company in the greater Philadelphia area in 2018.

Safe and Secure Information Technology will cover topics like ransomware prevention, solid-state drives, and chip shortage impacts.

Safe and Secure Information Technology

Subscribe to our Weekly Cybersecurity Tips

Contact Us Today

Partners Plus in Delaware
2 Penns Way,
Suite 307
New Castle, DE 19720

Phone: 302-529-3700

Partners Plus in Philidelphia
1515 Market St.,
Suite 1200
Philadelphia, PA 19102

Phone: 215-774-8980

Partners Plus in Malvern
101 Lindenwood Drive
Suite 225
Malvern, PA 19355

Phone: 610 361-9200