Millions of Windows PCs are vulnerable to this new Thunderbolt exploit.
Researchers have uncovered a flaw in the ubiquitous Intel Thunderbolt port that could allow hackers to break into affected devices in a matter of minutes.
The vulnerability is found in millions of Windows and Linux PCs manufactured before 2019 and can be used by an attacker with physical access to the device to circumvent both password protection and hard disk encryption.
Uncovered by security researcher Björn Ruytenberg of the Eindhoven University of Technology, the physical access attack – which he refers to as Thunderspy – can scrape data from the target machine without leaving so much as a trace.
The issue reportedly cannot be resolved via a simple software fix – but only by deactivating the vulnerable port.
The newly discovered Thunderbolt vulnerability opens the door to what Ruytenberg refers to as an “evil maid attack” – an attack that can be executed if the hacker is afforded time alone with a device.
