[ad_1]
Microsoft has announced that it has updated its software to stop the attack.
Microsoft
Security researchers have discovered a flaw in almost all modern computers, allowing potential hackers to steal sensitive information on your locked devices.
The attack takes only five minutes, though the hacker has physical access to the computer, said F-Secure's senior security consultant, Olle Segerdahl, in a statement. Cold boot attacks can steal data from the RAM of a computer, where sensitive information is briefly stored after a forced restart.
These attacks have been known since 2008, and most computers nowadays have a security feature that removes the data stored in the RAM to prevent hackers from stealing sensitive information. This is also not a common threat for an average person because the attack would require access to the computer and special tools – such as a program on a USB stick – to carry out the attack.
But Segerdahl and F-Secure researchers said they found a way to disable this security measure and extract data using cold boot attacks.
"We need to take additional action against the conventional cold start attack, but it is effective against all the modern laptops we have tested," he said in a statement.
There is no immediate solution available for the new vulnerability, said F-Secure. The cybersecurity company recommends that you set your laptops to automatically shut down or hibernate instead of having it completely in sleep mode when you close your screen.
The company said it contacted Microsoft, Intel and Apple about its discovery. Microsoft told ZDNet that it was updating its instructions on BitLocker, while Apple said all devices using a T2 chip would not be affected.
F-Secure researchers presented their findings at a conference in Sweden on Thursday and are expected to present it again at the Microsoft Security Conference on September 27th.
For more information on the vulnerability, read all the details on our ZDNet partner site.
Source link
