Intel CPU¤òÅëºÜ¤·¤¿PC¤ÎUEFI¥Õ¥¡¡¼¥à¥¦¥§¥¢¤ËÀȼåÀ¡¢³Îǧ¤È¹¹¿·¤ò
¥µ¥¤¥Ð¡¼¥»¥¥å¥ê¥Æ¥£´ë¶È¤ÎEclypsium¤Ï6·î20Æü(Êƹñ»þ´Ö)¡¢¡ÖUEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware - Eclypsium¡ÃSupply Chain Security for the Modern Enterprise¡×¤Ë¤ª¤¤¤Æ¡¢Ê£¿ô¤ÎIntel Core¥Ç¥¹¥¯¥È¥Ã¥×¤ª¤è¤Ó¥â¥Ð¥¤¥ë¥×¥í¥»¥Ã¥µ¥Õ¥¡¥ß¥ê¡¼¾å¤ÇÆ°ºî¤¹¤ëPhoenix SecureCore¤ÎUEFI¥Õ¥¡¡¼¥à¥¦¥§¥¢¤«¤éÀȼåÀ¤òȯ¸«¤·¤¿¤ÈÊ󤸤¿¡£¤³¤ÎÀȼåÀ¤ò°ÍѤµ¤ì¤ë¤È¡¢¥í¡¼¥«¥ë¤Î¹¶·â¼Ô¤Ë¸¢¸Â¤Î¾º³Ê¤ª¤è¤ÓUEFI¥Õ¥¡¡¼¥à¥¦¥§¥¢Æâ¤Ç°°Õ¤Î¤¢¤ë¥³¡¼¥É¤ò¼Â¹Ô¤µ¤ì¤ë²ÄǽÀ¤¬¤¢¤ë¡£
UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware - Eclypsium¡ÃSupply Chain Security for the Modern Enterprise
¡ûUEFI¤ÎÀȼåÀ
ÀȼåÀ¤Ë´Ø¤¹¤ë¾ðÊó¤Ï¼¡¤Î¥Ú¡¼¥¸¤Ë¤Þ¤È¤Þ¤Ã¤Æ¤¤¤ë¡£
Phoenix Technologies Buffer Overflow Vulnerability in TPM Configuration - Phoenix Technologies - Leading PC Innovation since 1979
ȯ¸«¤µ¤ì¤¿ÀȼåÀ¤Î¾ðÊó(CVE)¤Ï¼¡¤Î¤È¤ª¤ê¡£
CVE-2024-0762 - ¥æ¥Ë¥Õ¥¡¥¤¥É¡¦¥¨¥¯¥¹¥Æ¥ó¥·¥Ö¥ë¡¦¥Õ¥¡¡¼¥à¥¦¥§¥¢¡¦¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹(UEFI: Unified Extensible Firmware Interface)¤ÎÊÑ¿ô½èÍý¤Ë¥Ð¥Ã¥Õ¥¡¡¼¥ª¡¼¥Ð¡¼¥Õ¥í¡¼¤ÎÀȼåÀ
¡ûÀȼåÀ¤¬Â¸ºß¤¹¤ëÀ½ÉÊ
ÀȼåÀ¤¬Â¸ºß¤¹¤ë¤È¤µ¤ì¤ëÀ½Éʤª¤è¤Ó¥Ð¡¼¥¸¥ç¥ó¤Ï¼¡¤Î¤È¤ª¤ê¡£
Phoenix SecureCore (Intel Kaby Lake) 4.0.1.1¤«¤é4.0.1.998¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Coffee Lake) 4.1.0.1¤«¤é4.1.0.562¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Ice Lake) 4.2.0.1¤«¤é4.2.0.323¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Comet Lake) 4.2.1.1¤«¤é4.2.1.287¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Tiger Lake) 4.3.0.1¤«¤é4.3.0.236¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Jasper Lake) 4.3.1.1¤«¤é4.3.1.184¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Alder Lake) 4.4.0.1¤«¤é4.4.0.269¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Raptor Lake) 4.5.0.1¤«¤é4.5.0.218¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Meteor Lake) 4.5.1.1¤«¤é4.5.1.15¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
¡û±Æ¶Á¤ÈÂкö
Eclypsium¤Ë¤è¤ë¤È¡¢¤³¤ÎÀȼåÀ¤Ï¥Õ¥¡¡¼¥à¥¦¥§¥¢¥¤¥ó¥×¥é¥ó¥È¤ä¥Ð¥Ã¥¯¥É¥¢¤òÈ÷¤¨¤¿¥Þ¥ë¥¦¥§¥¢¤ª¤è¤Ó¤½¤ì¤ò±¿ÍѤ¹¤ë¹¶·â¼Ô¤Ë¤È¤Ã¤Æ¼çÍפÊɸŪ¤Ë¤Ê¤ê¤¦¤ë¤È¤¤¤¦¡£¹¶·â¼Ô¤Ï¤³¤ÎÀȼåÀ¤ò°ÍѤ¹¤ë¤³¤È¤Ç¡¢¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤ä¾å°ÌÁؤǼ¹Ԥµ¤ì¤ëÁȤ߹þ¤ß¤ÎÊݸǽ¤ä¥»¥¥å¥ê¥Æ¥£¥½¥ê¥å¡¼¥·¥ç¥ó¤òÇ˲õ¤Ç¤¤ë¡£¤Þ¤¿¡¢¥Þ¥ë¥¦¥§¥¢¤Ï¿¯³²¤·¤¿¥Ç¥Ð¥¤¥¹¾å¤ÇÌ©¤«¤Ë±Ê³À¤ò³ÎÊݤ¹¤ë¤³¤È¤¬²Äǽ¤È¤µ¤ì¤ë¡£
¤³¤ÎÀȼåÀ¤Î¿¼¹ïÅ٤ϽÅÍ×(Important)¤Èɾ²Á¤µ¤ì¤Æ¤ª¤êÃí°Õ¤¬É¬Íס£¾åµ¤ÎIntel Core¥×¥í¥»¥Ã¥µ¥Õ¥¡¥ß¥ê¡¼¤ª¤è¤ÓPhoenix SecureCore¤ÎUEFI¥Õ¥¡¡¼¥à¥¦¥§¥¢¤òÅëºÜ¤·¤¿¥Ç¥Ð¥¤¥¹¤ò±¿ÍѤ·¤Æ¤¤¤ë´ÉÍý¼Ô¤Ë¤Ï¡¢±Æ¶Á¤ÎÍ̵¤ò¥Ù¥ó¥À¡¼¤ËÌ䤤¹ç¤ï¤»¡¢É¬Íפ˱þ¤¸¤Æ¥Õ¥¡¡¼¥à¥¦¥§¥¢¤Î¥¢¥Ã¥×¥Ç¡¼¥È¤ò¼Â»Ü¤¹¤ë¤³¤È¤¬¿ä¾©¤µ¤ì¤Æ¤¤¤ë¡£
¡ûUEFI¤ÎÀȼåÀ
ÀȼåÀ¤Ë´Ø¤¹¤ë¾ðÊó¤Ï¼¡¤Î¥Ú¡¼¥¸¤Ë¤Þ¤È¤Þ¤Ã¤Æ¤¤¤ë¡£
Phoenix Technologies Buffer Overflow Vulnerability in TPM Configuration - Phoenix Technologies - Leading PC Innovation since 1979
ȯ¸«¤µ¤ì¤¿ÀȼåÀ¤Î¾ðÊó(CVE)¤Ï¼¡¤Î¤È¤ª¤ê¡£
CVE-2024-0762 - ¥æ¥Ë¥Õ¥¡¥¤¥É¡¦¥¨¥¯¥¹¥Æ¥ó¥·¥Ö¥ë¡¦¥Õ¥¡¡¼¥à¥¦¥§¥¢¡¦¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹(UEFI: Unified Extensible Firmware Interface)¤ÎÊÑ¿ô½èÍý¤Ë¥Ð¥Ã¥Õ¥¡¡¼¥ª¡¼¥Ð¡¼¥Õ¥í¡¼¤ÎÀȼåÀ
¡ûÀȼåÀ¤¬Â¸ºß¤¹¤ëÀ½ÉÊ
ÀȼåÀ¤¬Â¸ºß¤¹¤ë¤È¤µ¤ì¤ëÀ½Éʤª¤è¤Ó¥Ð¡¼¥¸¥ç¥ó¤Ï¼¡¤Î¤È¤ª¤ê¡£
Phoenix SecureCore (Intel Kaby Lake) 4.0.1.1¤«¤é4.0.1.998¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Coffee Lake) 4.1.0.1¤«¤é4.1.0.562¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Ice Lake) 4.2.0.1¤«¤é4.2.0.323¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Comet Lake) 4.2.1.1¤«¤é4.2.1.287¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Tiger Lake) 4.3.0.1¤«¤é4.3.0.236¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Jasper Lake) 4.3.1.1¤«¤é4.3.1.184¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Alder Lake) 4.4.0.1¤«¤é4.4.0.269¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Raptor Lake) 4.5.0.1¤«¤é4.5.0.218¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
Phoenix SecureCore (Intel Meteor Lake) 4.5.1.1¤«¤é4.5.1.15¤è¤êÁ°¤Î¥Ð¡¼¥¸¥ç¥ó
¡û±Æ¶Á¤ÈÂкö
Eclypsium¤Ë¤è¤ë¤È¡¢¤³¤ÎÀȼåÀ¤Ï¥Õ¥¡¡¼¥à¥¦¥§¥¢¥¤¥ó¥×¥é¥ó¥È¤ä¥Ð¥Ã¥¯¥É¥¢¤òÈ÷¤¨¤¿¥Þ¥ë¥¦¥§¥¢¤ª¤è¤Ó¤½¤ì¤ò±¿ÍѤ¹¤ë¹¶·â¼Ô¤Ë¤È¤Ã¤Æ¼çÍפÊɸŪ¤Ë¤Ê¤ê¤¦¤ë¤È¤¤¤¦¡£¹¶·â¼Ô¤Ï¤³¤ÎÀȼåÀ¤ò°ÍѤ¹¤ë¤³¤È¤Ç¡¢¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤ä¾å°ÌÁؤǼ¹Ԥµ¤ì¤ëÁȤ߹þ¤ß¤ÎÊݸǽ¤ä¥»¥¥å¥ê¥Æ¥£¥½¥ê¥å¡¼¥·¥ç¥ó¤òÇ˲õ¤Ç¤¤ë¡£¤Þ¤¿¡¢¥Þ¥ë¥¦¥§¥¢¤Ï¿¯³²¤·¤¿¥Ç¥Ð¥¤¥¹¾å¤ÇÌ©¤«¤Ë±Ê³À¤ò³ÎÊݤ¹¤ë¤³¤È¤¬²Äǽ¤È¤µ¤ì¤ë¡£
¤³¤ÎÀȼåÀ¤Î¿¼¹ïÅ٤ϽÅÍ×(Important)¤Èɾ²Á¤µ¤ì¤Æ¤ª¤êÃí°Õ¤¬É¬Íס£¾åµ¤ÎIntel Core¥×¥í¥»¥Ã¥µ¥Õ¥¡¥ß¥ê¡¼¤ª¤è¤ÓPhoenix SecureCore¤ÎUEFI¥Õ¥¡¡¼¥à¥¦¥§¥¢¤òÅëºÜ¤·¤¿¥Ç¥Ð¥¤¥¹¤ò±¿ÍѤ·¤Æ¤¤¤ë´ÉÍý¼Ô¤Ë¤Ï¡¢±Æ¶Á¤ÎÍ̵¤ò¥Ù¥ó¥À¡¼¤ËÌ䤤¹ç¤ï¤»¡¢É¬Íפ˱þ¤¸¤Æ¥Õ¥¡¡¼¥à¥¦¥§¥¢¤Î¥¢¥Ã¥×¥Ç¡¼¥È¤ò¼Â»Ü¤¹¤ë¤³¤È¤¬¿ä¾©¤µ¤ì¤Æ¤¤¤ë¡£