A Dutch researcher has detailed nine attack scenarios that work against all Thunderbolt-equipped computers shipped since 2011 and that allow an attacker with physical access to easily steal data from encrypted drives and memory. Researcher Björn Ruytenberg described the so-called Thunderspy attacks in a report published on Sunday, warning that the attacks work even when users follow security best practices, such as locking an unattended device, setting up Secure Boot, using strong BIOS and operating system account passwords, and enabling full disk encryption.
Microsoft was so concerned about Thunderbolt 3's susceptibility to Direct Memory Access (DMA) attacks that it decided not to include it in its Surface products. Some Windows 10 OEMs have adopted Thunderbolt, and Thunderbolt has been part of all Apple Mac computers since 2011.
The technology is vulnerable to this kind of attack because the Thunderbolt controller, a PCIe device, has DMA, which can allow an attacker to access system memory through a connected peripheral. The Thunderclap vulnerabilities disclosed in 2019, which affected Mac, Linux and Windows devices, demonstrated this risk. Ruytenberg states, however, that Thunderspy differs from Thunderclap, which relies on tricking users into accepting a malicious device as trusted. Thunderspy, on the other hand, breaks the security of Thunderbolt hardware and protocols.
While all Thunderbolt-equipped computers are vulnerable to Thunderspy, Intel, which develops Thunderbolt technology, says the attacks have been mitigated at the operating-system level with Kernel Direct Memory Access (DMA) protection, but this technology is limited to computers sold since 2019.
In Windows 10 version 1803, Microsoft introduced Kernel DMA Protection to guard against physical access attacks that use PCI devices connected to Thunderbolt 3 ports on devices from the Windows 10 OEMs that have adopted Thunderbolt, including Dell, HP, and Lenovo. The protection feature allows system device drivers to run in an isolated, read-only portion of kernel memory. Microsoft also states, however, that Kernel DMA Protection "does not protect against DMA attacks via 1394/FireWire, PCMCIA, CardBus, ExpressCard, etc." Linux kernel 5.x and later and macOS Sierra 10.12.4 and later also include kernel DMA protection. Intel notes that Ruytenberg has not demonstrated successful DMA attacks on computers with DMA protection enabled.
Intel has developed a policy management feature for Thunderbolt 3, called Security Levels, which enables administrators to use cryptographic authentication to whitelist PCIe connections to approved peripherals. Yet Ruytenberg argues that Thunderspy "completely breaks" Intel's Security Levels because Thunderbolt is susceptible to version update attacks due to inadequate firmware verification, weak system authentication, and the use of unauthenticated software metadata. Thunderbolt also uses unauthenticated controller configurations and suffers from flaws in the SPI flash interface, while Thunderbolt protection is completely absent on Apple's Boot Camp for running Windows 10 on a laptop, he notes.
In light of the Thunderspy vulnerabilities, Intel has advised people to use only trusted peripherals and to prevent unauthorized physical access to computers. According to Ruytenberg, the vulnerabilities would allow a so-called "evil maid" attacker, the fictional hotel employee who gains physical access to an unattended device, to bypass Intel's Security Levels controls.
"The ability to create arbitrary Thunderbolt device identities, clone user-authorized Thunderbolt devices and finally obtain PCIe access to perform DMA attacks is demonstrated in an evil-maid threat model and varying Security Levels," he wrote. "Additionally, we show unauthenticated overriding of Security Level configurations, including the ability to fully disable Thunderbolt security, and restoring Thunderbolt connectivity if the device is restricted to pass through USB and/or DisplayPort only." He also shows that an attacker can permanently disable Thunderbolt security and block all future firmware updates.
Ruytenberg says Intel will not be able to patch the Thunderspy bugs with a software update and that a silicon redesign will be required to fix the problem. The flaws could affect the future USB 4 and Thunderbolt 4 standards as well. Intel has not issued CVE identifiers for any of the Thunderspy bugs and does not plan to release patches for devices that are already on the market.
"The reasons for Intel's decision not to mitigate the Thunderspy vulnerabilities on in-market systems remain unexplained despite our repeated efforts," Ruytenberg said. "However, given the nature of Thunderspy, we believe it would be fair to conclude that these cannot be fixed and require a silicon redesign. Moreover, Intel has indicated that they would include additional hardware safeguards for future devices incorporating Thunderbolt technology."
Ruytenberg also states that very few devices sold since 2019 currently support the security feature. The HP EliteBook and ZBook 2019 and later, the Lenovo ThinkPad P53 and X1 Carbon 2019 and later, and the Lenovo Yoga C940, if shipped with Intel's Ice Lake CPU, are among the models that do.
Apple has also decided not to offer a patch for Thunderspy.