Revision as of 14:15, 17 May 2020 edit Rxy (talk \| contribs) 59 edits +refs ← Previous edit		Revision as of 14:25, 17 May 2020 edit undo Rxy (talk \| contribs) 59 edits m →Mitigation Next edit →
Line 25: == Mitigation == {{more citations needed\|section\|date=May 2020}} The researchers claim there is no easy software solution, and may only be mitigated by disabling the Thunderbolt port altogether.<ref name="WRD-20200510" /> However, the impacts of this attack (reading kernel level memory without the machine needing to be powered off) are largely mitigated by anti-intrusion features provided by many business machines.<ref name="msdoc-kdma-protecton-for-thunderbolt">{{cite web \|url=https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt \|title=Kernel DMA Protection for Thunderbolt™ 3 (Windows 10) - Microsoft 365 Security \| Microsoft Docs \|author= \|date=26 March 2019 \|accessdate=17 May 2020 }}</ref> Intel claim Enabling such features would substantially restrict the effectiveness of the attack.<ref name="intel-20200510">{{cite news \|last=Jerry \|first=Bryant \|title=More Information on Thunderbolt(TM) Security - Technology@Intel \|url=https://blogs.intel.com/technology/2020/05/more-information-on-thunderspy/ \|date=10 May 2020 \|accessdate=17 May 2020 }}</ref>{{cn\|date=May 2020}} == References ==

Thunderspy: Difference between revisions