Intel and Lenovo have released recommendations that help restrict access to JTAG debugging interface of processors which can be used by attackers. The insecurity was first discovered by Positive Technologies’ experts in December 2016.
At that time Positive Technologies’ experts Maxim Goryachiy and Mark Ermolov presented their findings, during a session at the Chaos Communication Congress (33C3) in Hamburg, explaining that modern Intel processors allow usage of the debugging interface via a USB 3.0 port available on many platforms to gain full control over the system. Modern security systems cannot detect such attacks.
In April 2017 Intel officially acknowledged this vulnerability and released a BIOS update that blocks access to the debugging interface via USB 3.0 port. It also thanked Positive Technologies’ experts Maxim Goryachiy and Mark Ermolov for raising the issue.
In addition, a special security bulletin was published by Lenovo, one of the main equipment manufacturers that uses Intel processors. Several other major vendors have not yet issued recommendations for blocking the attack.
A video of Maxim Goryachiy and Mark Ermolov talk at CCC 33C3 can be found below:
Slides are available here.