Abaphenyi abavela I-Positive Technologies ikhombe ubungozi obusha (CVE-2019-0090) lokho ivumela ukufinyelela ngokomzimba kwikhompyutha ukukhipha ukhiye wempande wesikhulumi (ukhiye we-chipset), osetshenziswa njengempande yokwethenjwa ekuqinisekiseni izinto ezahlukahlukene zepulatifomu, kufaka phakathi i-TPM (i-Trusted Platform Module firmware) ne-UEFI.
Ukuba sengozini kubangelwa iphutha ku-hardware ne-firmware i-Intel CSME, lokho itholakala ku-boot ROM, okuyinto ebucayi impela ngoba leli phutha alikwazi ukulungiswa nganoma iyiphi indlela.
Ukuba sengozini kwe-CVE-2019-0090 kubhekiswa kunjini yokuphepha nokuphatha ehlanganisiwe (CSME) kuma-Intel CPU amaningi akhishwe eminyakeni emihlanu edlule, ngalezo zindlela zokutholwa eziwu-XNUMX kube okuhlukile.
Kuyinkinga enkulu ngoba inikeza amasheke we-cryptographic Izinga eliphansi lapho ama-motherboard boots, phakathi kwezinye izinto. Yinto yokuqala oyigijimayo uma ushaya inkinobho yamandla nempande yokwethemba konke okulandelayo.
Ngenxa yobukhona bewindi ngesikhathi sokuqalisa kabusha kwe-Intel CSME ngokwesibonelo, lapho uphuma kwimodi yokulala.
Ngokukhohlisa nge-DMA, idatha ingabhalelwa i-Intel CSME static memory namatafula ekhasi lememori angashintshwa I-Intel CSME isivele iqalisiwe ukunqabela ukwenziwa, kukhishwe ukhiye endaweni yesikhulumi futhi kutholwe ukulawula ukukhiqizwa kokhiye bokubethela amamojula we-Intel CSME. Imininingwane yokuxhashazwa kokuba sengozini kuhlelwe ukuthi ikhishwe ngokuhamba kwesikhathi.
Ngaphezu kokukhipha ukhiye, iphutha futhi livumela ukwenziwa kwekhodi ezingeni lelungelo zero kusuka ku-Intel CSME (Converged Manageability and Security Engine).
U-Intel wayibona le nkinga esikhathini esingangonyaka esedlule nangoMeyi 2019 izibuyekezo zakhishwa i-firmware ukuthi, yize bengakwazi ukushintsha ikhodi esengozini ku-ROM, yize kubikwa ukuthi "bazama ukuvimba izindlela ezingahle zisebenze ezingeni lamamojula e-Intel CSME ngamanye."
Ngokusho kwePositive Technologies, ikhambi livala kuphela i-vector eyodwa yokuxhashazwa. Bakholelwa ukuthi kunezindlela eziningi zokuhlasela kanti ezinye azidingi ukufinyelela ngokomzimba.
"Kungaba nezindlela eziningi zokusebenzisa lobu bungozi ku-ROM, hhayi zonke ezidinga ukufinyelela ngokomzimba, ezinye ukufinyelela kuphela okuhlobene ne-malware yendawo."
Ngokusho kukaMark Ermolov, u-Principal OS no-Hardware Security Specialist ePositive Technologies, ngenxa yendawo akuyo, iphutha lifana nokusetshenziswa kwe-Checkm8 boot ROM kumadivayisi we-iOS okwavezwa ngoSepthemba futhi kuthathwa njengokuqedwa kwejele unomphela.
Phakathi kwemiphumela engaba khona ukuthola ukhiye wempande wesikhulumi, Kushiwo ukwesekwa kwe-Intel CSME firmware, ukuzibophezela kwe ukubethela izinhlelo imidiya esekwe ku-Intel CSME, kanye ne- ithuba lokuqothula i-EPID (I-ID yobumfihlo ethuthukisiwe) ukuhambisa ikhompyutha yakho iye kwenye ukudlula ukuvikelwa kwe-DRM.
Uma kwenzeka ukuthi amamojula e-CSME ngamanye afakwa engozini, i-Intel inikeze amandla okwenza kabusha okhiye abahambisana nawo besebenzisa indlela ye-SVN (Security Version Number).
Uma kwenzeka kutholakala ukhiye wempande yengxenyekazi, le ndlela ayisebenzi njengoba ukhiye wempande yengxenyekazi usetshenziselwa ukwenza ukhiye wokubethela kwe-Integrity Control Value Blob (ICVB), okuthi irisidi lawo, ivumela ukwakhiwa kwekhodi yanoma yimaphi amamojula we-Intel CSME firmware.
Lokhu kungaba yinkinga enkulu i-Intel ezobe ibhekene nayo, ngoba izinkinga zangaphambilini ezinjenge-specter noma ukuncibilika kuncishisiwe, kepha lokhu kuyinkinga enkulu ngoba iphutha liku-ROM futhi njengoba abacwaningi besho leli phutha alikwazi ukuxazululwa nganoma iyiphi indlela.
Futhi yize i-Intel isebenza ukuze ikwazi "ukuzama ukuvimba" imizila engaba khona, noma yini abayenzayo akunakwenzeka ukuxazulula ukwehluleka.