![]() The Trust Anchor module is not directly involved in the work demonstrated by Red Balloon.” Another capability offered within certain Cisco platforms is the Trust Anchor module, which helps provide hardware authenticity, platform identity, and other security services to the system. “One of which that is relevant to this discussion is Cisco Secure Boot which provides a root of trust for system software integrity and authenticity. “As a point of clarification, Cisco advertises several related and complementary platform security capabilities,” a spokesperson told WIRED in a written statement. When the patches do arrive, Cisco says, they will "require an on-premise reprogramming," meaning the fixes can't be pushed remotely, because they are so fundamental. According to its security bulletin, all fixes are still months away from release, and there are currently no workarounds. It also disputed that the secure boot vulnerability directly impacts the Trust Anchor. Cisco declined to characterize the nature or timing of these fixes ahead of the public disclosure. And the company says it will also provide fixes for all product families that are potentially vulnerable to secure-enclave attacks like the one the researchers demonstrated. On Monday, Cisco is announcing a patch for the IOS remote-control vulnerability the Red Balloon researchers discovered. This content can also be viewed on the site it originates from.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |