Debugging mechanism in Intel CPUs allows seizing control via USB port

[Elixer]

This could introduce new ways to get at systems now, you can have compromised phones/flash drives/ or anything else that has a USB port on it, and use it to attack a system.

Then people wonder why sysadmins turn off USB ports.

So far, this is only for Intel U-series CPUs, but, the only good thing about this is, now, some of those closed systems have the possibility to install a different BIOS/OS on them...

Researchers from Positive Technologies have revealed that some new Intel CPUs contain a debugging interface, accessible via USB 3.0 ports, that can be used to obtain full control over a system and perform attacks that are undetectable by current security tools.

An attacker could use this to bypass all security systems for the embedding of code over a certain period of time, reading all possible data and even making the machine inoperative, for instance by re-writing its BIOS.

https://www.scmagazine.com/debuggin...seizing-control-via-usb-port/article/630480/?

 

[Ketchup]

Sure, but you still have to physically access the system through the port first. Sounds like the modern-day version of transporting viruses through floppy drives. Except in this case, you have to make sure your target computer has a Skylake CPU. Sure, down the road, this could pose a security risk. It will be interesting to see how Intel responds.