Vendors queue for punishment as ‘ThinkPwn’ fallout spreads
Gigabyte has been swept into turmoil surrounding low-level security vulnerabilities that allows attackers to kill flash protection, secure boot, and tamper with firmware on PCs by Lenovo and other vendors.
Unconfirmed reports suggest the hardware vendor has used the “ThinkPwn” vulnerable code, thought to be born of Intel reference code, on four of its motherboards: Z68-UD3H, Z77X-UD5H, Z87MX-D3H, and Z97-D3H.
Researcher Dmytro Oleksiuk revealed the vulnerabilities in a post to Github stating that can “disable flash write protection and infect platform firmware, disable Secure Boot, [and] bypass Virtual Secure Mode (Credential Guard, etc.) on Windows 10 Enterprise” thanks to a flaw in the SystemSmmRuntimeRt UEFI driver.
Pwn pundit Alex James then reported that Gigabyte looks affected by the System Management Mode BIOS vulnerability saying on Twitter that many other Gigabyte models are likely affected.
Gigabyte has been contacted for comment.
Further quips by other researchers claim HP Pavillion lines may also be affected.
Many more will likely be added to the list curious hackers and vendors peer into the internals of their PCs.
Lenovo labelled the flaw in its advisory as “industry-wide” with a high severity rating.
The tech giant fired a salvo at Oleksiuk for his “uncoordinated disclosure” adding that its internal security team made “several unsuccessful attempts” to stuff a responsible disclosure gag in the researcher’s mouth before his zero day drop.
Lenovo is working on a fix, and presumably, the rest of the industry is scrambling its resources as well. ®