The deepest issue lies in the chain of control. Basically all other devices (essentially your whole system beyond boot) lose the ability to 'trust' basic components of data moving from ROM to RAM, beginning with resetting even at boot, because the vulnerable code is able to 'view' not only the initial 'trusted keys' but also newly generated keys (when trust is compromised, a new key is issued). The vulnerability lies in direct memory access being provided without the protection of CSME (Intel's secure computing), because, as the researchers point out, it's disabled by default (allowing external access to DMA during a short period).
Not super important for the end user, but if you're involved with anything requiring highly (very highly) sensitive data, the only patch is to replace hardware. Dunno how relevant this is for most users, but I'd imagine top companies/financial institutions and/or government systems are most at risk (when is the average Joe really at risk?).
@drbaltazar posts Quote:
Originally Posted by dave12
I like your posts. Every time I see one I read it multiple times trying to discern meaning, ultimately failing, but enjoying the experience.