@Fishtown @JVirtanen More evidence:

Absence of the WSMT ACPI Table: Although this Alder Lake CPU and the platform support memory isolation (IOMMU) and are compatible (and usable on a Linux platform)... a WMI query keeps "SmmIsolationLevel" at 0 instead. WMI testing confirms that the current firmware does not provide the WSMT (Windows SMM Security Mitigations Table). Without this table (and without the ability to manage it properly in the BIOS) the Windows kernel cannot validate the integrity of System Management Mode (SMM), leaving the system vulnerable to "Ring -2" level attacks that can bypass the Windows hypervisor.

Inconsistency in Security Instrumentation (WMI): It has been detected that in recent Windows 11 builds (26100+), the security management infrastructure is unable to correctly instantiate Win32_DeviceGuard classes... due to obsolete firmware definitions that do not align with Microsoft's latest attestation standards.

System Guard (Secure Launch) Blockage: The hardware reports capability for DMA (Direct Memory Access) Protection (Property "5" in the WMI query -ClassName "AvailableSecurityProperties")... but the firmware prevents its actual activation. This invalidates one of Windows 11's core defenses against malicious devices/software attempting to access memory via DMA.

Persistence of Compromised UEFI Keys: It is still confirmed that the current firmware (version 1.07.02RME1_017) enables compromised PK/KEK/DB keys from 2011. This, combined with the inability to apply DBX (Secure Boot Revocation List) updates due to documented firmware errors (Event ID 1802, logged in previous messages), still breaks the Secure Boot chain of trust.
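As an added example (not from the post above or from any vendor tool), the following PowerShell script collects the same signals in one place: the ACPI table list (to see whether WSMT is present), the Win32_DeviceGuard properties including SmmIsolationLevel, the DBX size, and any Event ID 1802 entries. The property-number-to-name mapping is taken from Microsoft's Win32_DeviceGuard documentation; the WSMT check via EnumSystemFirmwareTables and the function names are this example's own assumptions.

```powershell
# Added example: audit firmware-backed VBS signals from an elevated PowerShell.
# P/Invoke kernel32!EnumSystemFirmwareTables to list the ACPI table IDs exposed
# by the firmware; the 'WSMT' signature should appear on a compliant platform.
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public static class Fw {
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern uint EnumSystemFirmwareTables(uint provider, byte[] buffer, uint size);
}
"@

function Get-AcpiTableIds {
    $acpi = 0x41435049                                   # 'ACPI' provider signature
    $size = [Fw]::EnumSystemFirmwareTables($acpi, $null, 0)
    if ($size -eq 0) { throw "EnumSystemFirmwareTables failed (Win32 error $([Runtime.InteropServices.Marshal]::GetLastWin32Error()))" }
    $buf = New-Object byte[] $size
    [void][Fw]::EnumSystemFirmwareTables($acpi, $buf, $size)
    for ($i = 0; $i -lt $size; $i += 4) {                # each table ID is a 4-byte ASCII signature
        [Text.Encoding]::ASCII.GetString($buf, $i, 4)
    }
}

function Get-VbsFirmwareAudit {
    # Mapping per Microsoft docs for Win32_DeviceGuard.AvailableSecurityProperties
    $names = @{ 1 = 'Hypervisor'; 2 = 'SecureBoot'; 3 = 'DMAProtection'; 4 = 'SecureMemoryOverwrite';
                5 = 'NXProtection'; 6 = 'SMMMitigations(WSMT)'; 7 = 'MBEC/GMET'; 8 = 'APICVirtualization' }
    $dg = Get-CimInstance -Namespace root\Microsoft\Windows\DeviceGuard -ClassName Win32_DeviceGuard
    $available = @($dg.AvailableSecurityProperties | ForEach-Object { $names[[int]$_] })

    # DBX size gives a quick sense of whether revocation updates ever landed.
    $dbxBytes = try { (Get-SecureBootUEFI -Name dbx).Bytes.Length } catch { -1 }

    # Event ID 1802 in the System log, as referenced in the post (provider not assumed).
    $ev1802 = @(Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 1802 } -MaxEvents 5 -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        WsmtTablePresent            = ((Get-AcpiTableIds) -contains 'WSMT')
        SmmIsolationLevel           = $dg.SmmIsolationLevel
        AvailableSecurityProperties = ($available -join ', ')
        DmaProtectionAvailable      = ($available -contains 'DMAProtection')
        SecurityServicesRunning     = ($dg.SecurityServicesRunning -join ', ')
        SecureBootEnabled           = (try { Confirm-SecureBootUEFI } catch { $false })
        DbxSizeBytes                = $dbxBytes
        EventId1802Count            = $ev1802.Count
    }
}

Get-VbsFirmwareAudit | Format-List
```

Run it as Administrator; a missing WSMT entry together with SmmIsolationLevel 0 is the combination the post describes, and SecurityServicesRunning shows which of the available properties the OS actually turned on.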