A recent leak confirmed that Microsoft Surface devices no longer support Thunderbolt ports and removable RAM because of security concerns.
Aside from removing support for the Thunderbolt port on the Microsoft Surface, the company also points out that removable RAM poses the same security threat. WalkingCat leaked details of these issues on Twitter.
A Microsoft employee pointed out these vulnerabilities, saying: “If you have a well prepared stick that you put into the direct memory access port, then you can access the full device in memory and all data that’s stored in memory.”
Security issues
Publications investigating the leak verified that it is legitimate. A report confirmed that the Microsoft employee explaining the issue in the leaked video is a specialist based in the Netherlands. The report added that the employee is an expert on Surface devices and has been working for Microsoft for more than a decade.
The leaked video shows the employee explaining the nature of the vulnerability. According to him, an attacker can use liquid nitrogen to preserve a device’s RAM. After this, the attacker can install the removed RAM into a RAM reader and access all of its contents. RAM usually stores highly sensitive data like encryption keys.
https://twitter.com/h0x0d/status/1253917701719769088
Microsoft’s decision to remove support for Thunderbolt 3 ports on its Surface devices is related to how the port functions. Thunderbolt ports use Direct Memory Access, which is pointed to as the main culprit.
Direct Memory Access allows Thunderbolt to read from and write to a device’s RAM directly. Because of this, the port is extremely fast, but it also opens up a number of vulnerabilities.
Microsoft’s response
It is now apparent that Microsoft will not let this vulnerability remain on its Surface devices. However, removing the Thunderbolt port completely is somewhat of an overkill, considering that Microsoft already addressed this issue with the Windows 10 1803 update.
Apart from Microsoft, a number of hardware manufacturers continue to support Thunderbolt. Several devices released by Dell, HP, and Lenovo all have Thunderbolt ports.
Instead of Thunderbolt, Microsoft Surface devices are using USB Type-C. While not exactly as fast as Thunderbolt, it does not have the same vulnerabilities.
Considering Microsoft’s response to the Thunderbolt vulnerability, some are wondering why the company is not working on compatibility issues of its own Surface Connector. The port was added to the Surface Pro 3 and was Microsoft’s solution for individual specialized ports. Since its release, users have clamored over its performance and asked for its removal.