It looks like current PCs based on specific Intel Skylake and Kaby Lake processors are vulnerable to a USB debugging exploit. Security researchers began openly discussing the vulnerability this week, which allows attackers to bypass security mechanisms and run malicious code via the USB debugging interface.
This specifically affects Intel’s U-series of Skylake and Kaby Lake processors, which are lower powered processors typically used in OEM systems. The vulnerability could allow an attacker to go as far as rewriting your system BIOS but it does require USB 3.0 to work, along with a supported debugging interface, according to researchers at Positive Technologies.
Before Skylake came around, debugging was done through a special port on the motherboard that was not easily accessible. However, since then Intel has moved to a Direct Connect Interface, which allows access to the JTAG debugging interface through a USB 3.0 port, though only one port on any machine will be capable of accessing JTAG. This isn’t something that would necessarily affect every day users, but it could be a big deal for servers or enterprise users.
This exploit can be used regardless of the operating system installed on the machine, so it can affect Windows, Mac and Linux. However, the issue has since been brought up with Intel, so they are aware of it and will hopefully look into fixing it.
KitGuru Says: Obviously for an attacker to pull this exploit off, they would either need to be physically at the machine or they would need to trick someone into plugging a dodgy USB in to the right port by themselves. Either way though, it is a security hole that could use some tightening, particularly now that it is public knowledge.