in Check It Out, X-Geek

Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware

Yet another security flaw with Intel chips.

Intel has addressed a vulnerability in the configuration of several CPU series that allow an attacker to alter the behavior of the chip’s SPI Flash memory —a mandatory component used during the boot-up process.

According to Lenovo, who recently deployed the Intel fixes, “the configuration of the system firmware device (SPI flash) could allow an attacker to block BIOS/UEFI updates, or to selectively erase or corrupt portions of the firmware.”

Source: Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware