Trezor Firmware Update 1.6.1

Trezor upgraded their firmware shutting down a hardware exploit in their micro controller that allows an attacker to modify or replace the bootloader. Trezor confirmed that this vulnerability only affects devices that arrived with no tamper proof seal as this attack can only be done by having physical access to the device, nonetheless, they advised users to update their firmware just to be safe. Quote:

Today, on March 21st, we have released a new security update for TREZOR One devices. This update patches a physical security issue discovered in mid-February through our responsible disclosure program. There is no evidence that this vulnerability has been used in practice. Nonetheless, the new system will also verify the integrity of your TREZOR device, making sure it is safe to use.

Support us and the authors of this article by donating to the following address:

337pdZE2D4NTdi7tTsCxKvLmJPPLmyTeSL

Comments powered by Talkyard.