Intel TXE 3.0 security update??

October 31, 2017October 31, 2017 ~ hucktech ~ 1 Comment

Quoting an article from hexus.net:

MSI adds latest Intel TXE 3.0 security update

In order to avoid severe security vulnerabilities for the platforms, MSI motherboards now support the latest Intel Trusted Execution Engine (TXE) 3.0 for safer system protection. According to recent Intel comprehensive security review, security vulnerabilities are identified and could potentially allow attackers to gain unauthorized access to platforms features, secrets and 3rdparty secrets protected by Intel TXE. Therefore, Intel has validated and released Intel TXE 3.0 updates to address the encountered security situations. Currently all MSI 100,200 and 300 series motherboards are supporting the newest Intel TXE 3.0 by updating to the latest BIOS and installing the latest software updates. MSI always places strong emphasis on security and anti-hack issues to makes sure all MSI motherboard users are operating under the most secure circumstances. MSI will continue to provide additional updates if necessary to ensure maximum platform security protection for users.[…]

https://hexus.net/tech/items/mainboard/111626-msi-adds-latest-intel-txe-30-security-update/

[ Update: my last paragraph was wrong, removed. see Comment by reader. :-). ]

Alex at Black Hat: Where the Guardians of the BIOS Are Failing

July 11, 2017 ~ hucktech ~ Leave a comment

Black Hat Vegas: Where the Guardians of the BIOS Are Failing
By Alex Matrosov
In our upcoming Black Hat Vegas talk, we will summarize our research about the UEFI firmware protections and our newly-discovered security problems. This talk raises awareness of these security challenges for hardware vendors, BIOS-level security researchers and defenders, and sophisticated stakeholders who want to know the current state of UEFI exposure and threats. The situation is serious but, with the right tools and knowledge, we can prevail.[…]

https://www.blackhat.com/us-17/briefings.html#betraying-the-bios-where-the-guardians-of-the-bios-are-failing

https://www.cylance.com/en_us/blog/black-hat-vegas-where-the-guardians-of-the-bios-are-failing.html

Bravo @ASUS! You silently patch 3 of my SMM issues after a month of detailed disclosure notice. Final reply is brilliant: it's not an issue!

— Alex Matrosov (@matrosov) July 7, 2017

Hey @msitweets @ASUS you not reply to my emails! I will disclose security issues from your recent hardware at #BHUSA. Any security contacts?

— Alex Matrosov (@matrosov) June 29, 2017

More details about #BHUSA talk "Where the Guardians of the BIOS Are Failing" https://t.co/69lgtJEUzt Vulns coming: ASUS MSI Gigabyte Lenovo

— Alex Matrosov (@matrosov) June 15, 2017

Analysis of MSI’s NTIOlib

September 28, 2016 ~ hucktech ~ Leave a comment

More handy drivers signed. So we should just use these for our helper on Windows. Why bother with all this test signing, rebooting, F7… https://t.co/J1qh4nyYHZ

— CHIPSEC (@CHIPSEC) September 26, 2016

MSI ntiolib.sys/winio.sys local privilege escalation https://t.co/BFbPWEheWu

— ReWolf (@rwfpl) September 25, 2016

MSI ntiolib.sys/winio.sys local privilege escalation:
So, it seems that not only ASUS drivers allows unprivileged reading and writing to physical memory. Just a few months ago I was looking at the drivers that are loaded on my machine, and I found small MSI driver called NTIOLib_X64.sys. Out of curiosity I’ve looked at it in IDA and it turned out that it has almost the same functionality as the ASMMAP/ASMMAP64 ASUS drivers. I’ve tried to contact MSI through various different channels, but I haven’t really get past their customer support, so I’m not sure if anyone from the development team is aware of this design flaw. After almost 4 months I decided to publish my findings here. […]

http://blog.rewolf.pl/blog/?p=1630

MSI releases modular system: The One

April 1, 2016 ~ hucktech ~ Leave a comment

Today, April First, MSI has announced a new device, “The One”, which sounds awesome! I’d post more info on it, but I’m busy trying to figure out how to buy one… 🙂

http://www.tomshardware.com/news/msi-modular-motherboard,31532.html

https://www.msi.com/Motherboard/The-One.html#hero-overview

Gamer perspective of UEFI diagnostics

November 13, 2015 ~ hucktech ~ Leave a comment

There’s a review of a new MSI system on Gamers Nexus by Steve Brooke. I enjoyed his comments on the usability issues with UEFI diagnostics the OEM/IBV provided, including last comment from gamer perspective on lack of need of TPM. 😦 I have yet to find a hardware reviewer that includes information from CHIPSEC, showing if the machine is shipped with known firmware vulnerabilities. 😦

“The UEFI board explorer is probably one of MSI’s best features. It’s nothing particularly exciting to experienced builders, but makes for excellent usability and education for newcomers to PC building. Board explorer detects mice, some keyboards, video cards, and other devices, and accurately reports which port they’re plugged into on the board. This makes it easy to see which slots are utilized and what devices are using them.

The Hardware Monitor is probably where we spend most of our time in testing. Hardware Monitor offers basic reporting on the PC’s status and specs, with fan speed, boot, and low-level configuration and controls. The graphical display of fan curves in MSI’s B150A UEFI provides a click-and-drag interface for adjusting fan speed vs. temperatures with smooth input. This somewhat resembles host-level software curve creation, but at a lower-level. We’d really like to see this functionality expand to liquid cooler pump motors so that we can read-out RPMs of CLCs. We’d also like to see breadcrumbs added to UEFI to offer a path->to->current navigation. Regarding temperature accuracy, using our thermal measurement equipment, all thermals appear accurately represented within BIOS.

One thing that’s a little useless: The voltage level graph, which reports vCore and other voltages, has no scale – so it’s just sort of randomly illustrated bars representing an ambiguous, undefined voltage level. Might as well get rid of the graph and just read-out numbers, in that case.

Overclocking profiles are pretty straight-forward for what you’d get on a B-series motherboard. Users can save and load via ROM and USB, which is great for backups and testing, but that doesn’t make it any more in-depth – OCing is still locked. It’s not a Z-series board, so the best we can get is forcing Turbo. Overclocking profiles are “normal” and “expert,” and can perform some modest RAM timing and overclocking control alongside the forced Turbo. Voltage adjustment is present in the event that the forced Turbo needs more power to stabilize, though that’s unlikely.

We saw that Thunderbolt is in the UEFI menu, but without any Thunderbolt ports on the motherboard. Asking MSI about this, we learned that the menu support exists for Thunderbolt add-in cards.

TPM and basic security features exist for business users, though why they’d buy a “gaming” board is questionable.”

http://www.gamersnexus.net/hwreviews/2186-msi-b150a-gaming-pro-motherboard-review#!/ccomment