this post was submitted on 09 Aug 2024
184 points (85.9% liked)

Technology

59219 readers
2637 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] vikingtons 16 points 3 months ago (1 children)
[–] [email protected] 28 points 3 months ago (2 children)

it may be possible for an attacker with ring 0 access to modify the configuration of System Management Mode (SMM) even when SMM Lock is enabled.

If attacker has a ring 0 access he can already screw you up any way he wants

[–] vikingtons 9 points 3 months ago (1 children)

that's all well and good, I was just responding to someone who wanted the list of affected products

[–] [email protected] 5 points 3 months ago (1 children)

It only mentions ring 0 access in your link, ergo they responded to your post because it was the most appropriate. At least that's how I see it.

[–] vikingtons 1 points 3 months ago

The link includes 'CVE-2023-31315'

[–] SzethFriendOfNimi 5 points 3 months ago

True. This does allow for persistent recurring infection post clean and cold boot.

Interesting flaw to keep an eye on.