• Welcome to OnlyTech Forums
    An online community for the tech enthusiasts!
    Log in or Register

System firmware Can Be Erased or Corrupted After Boot

Sarkar

Guru
Member
Joined
1 Jun 2013
Messages
11,003
Reaction score
11,364
Intel has issued new guidance relating to SPI controllers inside multiple Intel chipsets. The configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware. This would most likely result in a visible malfunction, but could in rare circumstances result in arbitrary code execution.

Severity: High

Scope of Impact: Industry-wide

CVE Identifier: CVE-2017-5703

Affected products:
Platforms based on:


8th generation Intel® Core™ Processors
7th generation Intel® Core™ Processors
6th generation Intel® Core™ Processors
5th generation Intel® Core™ Processors
Intel® Pentium® and Celeron® Processor N3520, N2920, and N28XX
Intel® Atom™ Processor x7-Z8XXX, x5-8XXX Processor Family
Intel® Pentium™ Processor J3710 and N37XX
Intel® Celeron™ Processor J3XXX
Intel® Atom™ x5-E8000 Processor
Intel® Pentium® Processor J4205 and N4200
Intel® Celeron® Processor J3455, J3355, N3350, and N3450
Intel® Atom™ Processor x7-E39XX Processor
Intel® Xeon® Scalable Processors
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Phi™ Processor x200
Intel® Xeon® Processor D Family
Intel® Atom™ Processor C Series

Mitigation Strategy for Customers (what you should do to protect yourself):
update to the appropriate BIOS/UEFI version with the Intel recommended changes for your model

Intel® Product Security Center

For lenovo computer instruction is here
System firmware Can Be Erased or Corrupted After Boot

For other manufacturer check your computer manufacturer website for BIOS update
 
Top Bottom