Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices into enterprise networks and defeat the device attestation mechanism.
Tracked as CVE-2021-42299 (CVSS score: 5.6), the issue has been codenamed “TPM Carte Blanche” by Google software engineer Chris Fenner, who is credited with discovering and reporting the attack technique. As of writing, other Surface devices, including the Surface Pro 4 and Surface Book, are considered unaffected, while other non-Microsoft devices using a similar BIOS may also be vulnerable.
“Devices use Platform Configuration Registers (PCRs) to record information about device and software configuration to ensure that the boot process is secure,” the Windows maker noted in a bulletin. “Windows uses these PCR measurements to determine device health. A vulnerable device can masquerade as a healthy device by extending arbitrary values into Platform Configuration Register (PCR) banks.”
That said, it is worth noting that pulling off an attack requires physical access to a target victim’s device, or that a bad actor has previously compromised a legitimate user’s credentials. Microsoft said it has “attempted” to notify all affected vendors.
Introduced in Windows 10, Device Health Attestation (DHA) is an enterprise security feature that ensures client computers have trustworthy BIOS, Trusted Platform Module (TPM), and boot software configurations enabled, such as early-launch antimalware (ELAM), Secure Boot, and more. Put differently, DHA is designed to attest to the boot state of a Windows computer.
The DHA service achieves this by reviewing and validating the TPM and PCR boot logs for a device in order to issue a tamper-resistant DHA report that describes how the device started. But by weaponizing this flaw, attackers can corrupt the TPM and PCR logs to obtain false attestations, effectively compromising the Device Health Attestation validation process.
“On a Surface Pro 3 running recent platform firmware with SHA1 and SHA256 PCRs enabled, if the device is booted into Ubuntu 20.04 LTS, there are no measurements at all in the SHA256 bank low PCRs,” Fenner said. “This is problematic because this allows arbitrary, false measurements to be made (from Linux userland, for example) corresponding to any Windows boot log desired. An honest SHA256 PCR quote over dishonest measurements can be requested using a genuine [Attestation Key] in the attached TPM.”
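To make the validation step concrete, here is an added illustration (not code from Microsoft, Google or the PoC) of what an attestation verifier does with a TCG event log and a PCR quote: it replays the log with TPM extend semantics and compares the result to the quoted values, and it additionally flags a SHA256-bank PCR that is still at its reset value, which is the unmeasured-bank condition Fenner describes. The event log format, the PCR set and all digests are constructed for the example, and the quote’s Attestation Key signature is assumed to have been verified already.

```python
import hashlib

SHA256_RESET = b"\x00" * 32  # reset value of a SHA256-bank PCR (assumed for this example)
WINDOWS_BOOT_PCRS = (0, 2, 4, 7)  # boot-chain PCRs this verifier expects to be measured

def extend(pcr_value, digest):
    """TPM2_PCR_Extend semantics for the SHA256 bank: new = SHA256(old || digest)."""
    return hashlib.sha256(pcr_value + digest).digest()

def replay_event_log(events):
    """Replay a simplified event log given as (pcr_index, digest) pairs and return
    the PCR values the log implies. A verifier compares these with the signed quote."""
    pcrs = {}
    for idx, digest in events:
        pcrs[idx] = extend(pcrs.get(idx, SHA256_RESET), digest)
    return pcrs

def check_attestation(quoted_pcrs, events, required=WINDOWS_BOOT_PCRS):
    """Verifier-side checks (AK signature over the quote assumed already verified):
    1. every PCR the boot chain must measure has left its reset value;
    2. the replayed log reproduces the quoted values, i.e. log and quote agree."""
    replayed = replay_event_log(events)
    findings = []
    for idx in required:
        quoted = quoted_pcrs.get(idx, SHA256_RESET)
        if quoted == SHA256_RESET:
            findings.append(f"PCR{idx}: still at reset value, bank was never measured")
        elif replayed.get(idx) != quoted:
            findings.append(f"PCR{idx}: quote does not match replayed event log")
    return findings

# Constructed sample data (not real measurements): digests of made-up boot components.
def fake_digest(name):
    return hashlib.sha256(name.encode()).digest()

HEALTHY_LOG = [(0, fake_digest("firmware")), (2, fake_digest("option-rom")),
               (4, fake_digest("bootmgr")), (7, fake_digest("secure-boot-policy"))]
HEALTHY_QUOTE = replay_event_log(HEALTHY_LOG)

# A bank the firmware never measured: only later stages appear, so PCR0 and PCR2
# remain at their reset value even though the log itself looks plausible.
UNMEASURED_LOG = [(4, fake_digest("bootmgr")), (7, fake_digest("secure-boot-policy"))]
UNMEASURED_QUOTE = replay_event_log(UNMEASURED_LOG)

if __name__ == "__main__":
    print("healthy device:", check_attestation(HEALTHY_QUOTE, HEALTHY_LOG) or "OK")
    print("unmeasured bank:", check_attestation(UNMEASURED_QUOTE, UNMEASURED_LOG))
```

The reset-value check only catches the precondition, a bank that firmware left untouched; once arbitrary extends have been made to match a stolen log, the quote and log agree and the verifier cannot tell the difference, which is why the fix has to be the firmware measuring into every enabled bank rather than anything the verifier can do alone.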
In a real-world scenario, CVE-2021-42299 can be abused to fetch a false Microsoft DHA certificate by obtaining the TCG Log, which records the measurements made during a boot sequence, from a target device whose health the attacker wishes to impersonate, and then sending a valid health attestation request to the DHA service.
Additional technical details about the attack and a proof-of-concept (PoC) exploit can be accessed from Google’s Security Research repository here.
Some parts of this article are sourced from:
thehackernews.com