Thunderbolt vulnerability leaves devices open to hackers
A team of academics from various universities has uncovered significant security vulnerabilities in the Thunderbolt connectivity interface.
Thunderbolt is available through USB-C ports on modern PCs, and offers users direct memory access at privilege levels more significant that traditional USB functionality.
According to the research, a lack of defence mechanisms in Thunderbolt can leave users vulnerable to hackers, who will be offered “unrestricted memory access”, allowing them to take over the target computer, steal login details, and insert malware.
“Such attacks are very plausible in practice,” the researchers said.
“The combination of power, video, and peripheral-device DMA over Thunderbolt 3 ports facilitates the creation of malicious charging stations or displays that function correctly but simultaneously take control of connected machines.”
Input-output memory management units (IOMMU) can be used to defend against these attacks, as they restrict devices from accessing memory the job doesn’t need.
However, due to the high performance cost of IOMMU, many operating systems disable it by default.
After testing how IOMMU is used in various operating systems, the researchers found that Windows 7, 8, 10 Home, and 10 Pro did not support IOMMU at all, and Windows 10 Enterprise only allows for a very limited use of IOMMU.
macOS and Linux do use IOMMU to combat these attacks, but the researchers were still able able to find exploits in the system.