Intel SPI Flash Flaw – Hacker can Alter/Delete BIOS/UEFI

Windows Articles

How to install Android on a USB key

Hi! Android is a very versatile mobile operating system because it is based on Linux kernel and other open-source software, it can...

Microsoft releases emergency update.

Security is one of the fundamental issues for Microsoft in Windows 10. In fact, since it was launched, the company has changed...

How to remove Windows 10 network credentials

Hi! Every time you access a website using Windows 10, a lot happens. In fact, the system will store the credentials to...

Top free apps for Windows 10

Hello! It is well known that Windows 10 is the most used operating system in the world. Indeed, there are many reasons...

How to install Owncloud on Ubuntu 20.04?

In this post, You will learn how to install Owncloud on Ubuntu 20.04. Many users and small businesses prefer...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

Very recently, Intel has addressed a new vulnerability that uses the flawed configuration of several CPU series. Using the flaw, a hacker can alter the behavior of SPI Flash memory of the chip. SPI Flash memory is very important and a mandatory part of the system’s boot-up process.

According to Lenovo, this bug can allow a hacker to selectively corrupt/modify BIOS/UEFI firmware or block its updates. However, Lenovo engineers also mentioned that this attack could lead to a broken system causing visible malfunction, but hardly holds the chance of executing arbitrary code.

Infected CPUs

The vulnerability is listed as CVE-2017-5703. According to the manufacturer company – Intel, the vulnerability affects the following CPU series.

  • 5th, 6th,7th & 8th generation Intel® Core™ Processors.
  • Several models of Intel® Xeon® Processors.
  • Several models of Intel® Atom™ Processors.
  • Several models of Intel® Pentium® Processors.
  • Several models of Intel® Celeron® Processors.

For the complete list of affected products, check the list at Intel. A local hacker can exploit the flaw in the CPU configuration to corrupt the system of the victim. It’ll cause visible issues with the system boot and normal functionalities. However, the chance of executing arbitrary code is near to impossible. So, you don’t need to panic about your privacy.

In the scale of CVSSv3, the vulnerability reached the score of 7.9 out of 10. Intel also mentioned that they know the cause of the issue and mitigation is also available.

What to do now

If you’re a user of those CPUs, you should immediately update your BIOS/UEFI firmware for mitigating the chance of getting exploited. Check for the BIOS update at Intel. Moreover, check other vendor websites (Dell, Lenovo etc.) if you purchased your computer from them.

Now, you can easily install OS via USB flash drive. Learn how to prepare a bootable USB flash drive.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to install Android on a USB key

Hi! Android is a very versatile mobile operating system because it is based on Linux kernel and other open-source software, it can...

Microsoft releases emergency update.

Security is one of the fundamental issues for Microsoft in Windows 10. In fact, since it was launched, the company has changed...

How to remove Windows 10 network credentials

Hi! Every time you access a website using Windows 10, a lot happens. In fact, the system will store the credentials to...

Top free apps for Windows 10

Hello! It is well known that Windows 10 is the most used operating system in the world. Indeed, there are many reasons...

How to install Owncloud on Ubuntu 20.04?

In this post, You will learn how to install Owncloud on Ubuntu 20.04. Many users and small businesses prefer...
x