Revision as of 14:20, 18 May 2020 edit Drbogdan (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers 90,442 edits →Impact: adjs ← Previous edit		Revision as of 14:24, 18 May 2020 edit undo Drbogdan (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers 90,442 edits →Mitigation: ref adjs Next edit →
Line 24: == Mitigation == The researchers claim there is no easy software solution, and may only be mitigated by disabling the Thunderbolt port altogether.<ref name="WRD-20200510" /> However, the impacts of this attack (reading kernel level memory without the machine needing to be powered off) are largely mitigated by anti-intrusion features provided by many business machines.<ref name="msdoc-kdma-protecton-for-thunderbolt">{{cite web \|author=Staff \|title=Kernel DMA Protection for Thunderbolt™ 3 (Windows 10) - Microsoft 365 Security \|url=https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt \|~~title~~date=~~Kernel~~26 ~~DMA~~March ~~Protection~~2019 ~~for Thunderbolt™ 3 (Windows 10) - Microsoft 365 Security~~ \| work=Microsoft Docs ~~\|author= \|date=26 March 2019~~ \|accessdate=17 May 2020 }}</ref> Intel claim enabling such features would substantially restrict the effectiveness of the attack.<ref name="intel-20200510">{{cite news \|last=Jerry \|first=Bryant \|title=More Information on Thunderbolt(TM) Security - Technology@Intel \|url=https://blogs.intel.com/technology/2020/05/more-information-on-thunderspy/ \|date=10 May 2020 \|accessdate=17 May 2020 }}</ref> == References ==

Thunderspy: Difference between revisions