New Flaws Re-Enable DMA Attacks On Wide Range of Modern Computers
Security researchers have discovered a new class of security vulnerabilities that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks.
Known for years, Direct memory access (DMA)-based attacks let an attacker compromise a targeted computer in a matter of seconds by plugging-in a malicious hot plug device—such as an external network card, mouse, keyboard, printer, storage, and graphics card—into Thunderbolt 3 port or the latest USB-C port.
Researchers have reported their findings to all major hardware and operating system vendors, and most of them have already shipped substantial mitigation to address the Thunderclap vulnerabilities. Though not all software patches can entirely block DMA attacks, users are still advised to install available security updates to reduce the attack surface. According to the researchers, the best way to fully protect yourself is to disable the Thunderbolt ports on your machine, if applicable.