Micro-Renovator: Bringing Processor Firmware up to Code
Conference: Defcon 26
2018-08-01
Summary
Micro-Renovator is a tool that allows end-users to apply microcode updates without modifying platform firmware or the operating system, through simple modifications to the EFI boot partition.
- Spectre highlighted a weak link in the patching process for many users: firmware (un)availability
- Inconsistent support from platform and operating system vendors has left millions of users without a way to consume critical security updates
- Micro-Renovator provides the ability to apply microcode updates without modifying either platform firmware or the operating system, through simple (and reversible) modifications to the EFI boot partition
Abstract
The mitigations for Spectre highlighted a weak link in the patching process for many users: firmware (un)availability. While updated microcode was made publicly available for many processors, end-users are unable to directly consume it. Instead, platform and operating system vendors need to distribute firmware and kernel patches which include the new microcode. Inconsistent support from those vendors has left millions of users without a way to consume these critical security updates, until now. Micro-Renovator provides the ability to apply microcode updates without modifying either platform firmware or the operating system, through simple (and reversible) modifications to the EFI boot partition.
Materials:
Tags: