Notice
For Windows version 1803 and later versions, if your platform supports the new Kernel DMA Protection feature, we recommend that you leverage that feature to mitigate Thunderbolt DMA attacks. For earlier versions of Windows or platforms that lack the new Kernel DMA Protection feature, if your organization allows for TPM-only protectors or supports computers in sleep mode, the following is one DMA mitigation option. Please refer to BitLocker Countermeasures to understand the spectrum of mitigations.
Users may also refer to the Intel Thunderbolt 3 and Security on Microsoft Windows 10 Operating System documentation for alternative mitigations.
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
For more information about how to do this, go to the following Microsoft website:
Symptoms
A BitLocker-protected computer may be vulnerable to Direct Memory Access (DMA) attacks when the computer is turned on or is in the Standby power state. This includes when the desktop is locked.
BitLocker with TPM-only authentication allows for a computer to enter the power-on state without any pre-boot authentication. Therefore, an attacker may be able to perform DMA attacks.
In these configurations, an attacker may be able to search for BitLocker encryption keys in system memory by spoofing the SBP-2 hardware ID by using an attacking device that is plugged into a 1394 port. Alternatively, an active Thunderbolt port also provides access to system memory to perform an attack. Note that Thunderbolt 3 on the new USB Type-C connector includes new security features which can be configured to protect against this type of attack without disabling the port.
This article applies to any of the following systems:
Systems that are left turned on
Systems that are left in the Standby power state
Systems that use the TPM-only BitLocker protector
Cause
1394 physical DMA
Industry standard 1394 controllers (OHCI compliant) provide functionality that allows for access to system memory. This functionality is provided as a performance improvement. It enables large amounts of data to transfer directly between a 1394 device and system memory, bypassing CPU and software. By default, 1394 Physical DMA is disabled in all versions of Windows. The following options are available to enable 1394 Physical DMA:
An administrator enables 1394 Kernel Debugging.
Someone who has physical access to the computer connects a 1394 storage device that complies with the SBP-2 specification.
1394 DMA threats to BitLocker
BitLocker system integrity checks mitigate unauthorized Kernel Debugging status changes. However, an attacker could connect an attacking device to a 1394 port, and then spoof an SBP-2 hardware ID. When Windows detects an SBP-2 hardware ID, it loads the SBP-2 driver (sbp2port.sys), and then instructs the driver to allow for the SBP-2 device to perform DMA. This enables an attacker to gain access to system memory and search for BitLocker encryption keys.
Thunderbolt physical DMA
Thunderbolt is an external bus that allows for direct access to system memory via PCI. This functionality is provided as a performance improvement. It enables large amounts of data to transfer directly between a Thunderbolt device and system memory, thereby bypassing the CPU and software.
Thunderbolt threats to BitLocker
An attacker could connect a special purpose device to a Thunderbolt port and have full direct memory access through the PCI Express bus. This could enable an attacker to gain access to system memory and search for BitLocker encryption keys. Note that Thunderbolt 3 on the new USB Type-C connector includes new security features which can be configured to protect against this type of access.
Resolution
Some configurations of BitLocker can reduce the risk of this kind of attack. The TPM+PIN, TPM+USB, and TPM+PIN+USB protectors reduce the effect of DMA attacks when computers do not use sleep mode (suspend to RAM).
SBP-2 Mitigation
On the previously mentioned website, refer to the 'Prevent installation of drivers matching these device setup classes' section under 'Group Policy Settings for Device Installation'.
The following is the Plug and Play device setup class GUID for an SBP-2 drive:
d48179be-ec20-11d1-b6b8-00c04fa372a7
On some platforms, completely disabling the 1394 device may provide extra security. On the previously mentioned website, refer to the 'Prevent installation of devices that match these device IDs' section under 'Group Policy Settings for Device Installation'.
The following is the Plug and Play compatible ID for a 1394 controller:
PCI\CC_0C0010
Thunderbolt Mitigation
Beginning with Windows 10 version 1803, newer Intel-based systems include built-in kernel DMA protection for Thunderbolt 3. No configuration is required for this protection.
To block a Thunderbolt controller on a device running an earlier version of Windows, or for platforms that lack kernel DMA protection for Thunderbolt 3, refer to the 'Prevent installation of devices that match these device IDs' section under 'Group Policy Settings for Device Installation' on the previously mentioned website.
The following is the Plug and Play compatible ID for a Thunderbolt controller:
PCI\CC_0C0A
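The following read-only PowerShell audit is an added example, not part of the original article or Microsoft's code. It checks whether the two device installation restriction policies described above contain the SBP-2 setup class GUID and the 1394 and Thunderbolt compatible IDs (written in the `PCI\CC_` form Windows uses). The registry location and value names are assumptions about where these Group Policy settings are stored; the article does not list them.

```powershell
# Added audit example (not from the article). Read-only: it changes nothing.
# Assumption: the device installation restriction policies are stored here.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions'

# Identifiers taken from the article; compatible IDs in PCI\CC_ form.
$expected = @(
    @{ Name = 'SBP-2 setup class';      Policy = 'DenyDeviceClasses'; Value = 'd48179be-ec20-11d1-b6b8-00c04fa372a7' }
    @{ Name = '1394 controller';        Policy = 'DenyDeviceIDs';     Value = 'PCI\CC_0C0010' }
    @{ Name = 'Thunderbolt controller'; Policy = 'DenyDeviceIDs';     Value = 'PCI\CC_0C0A' }
)

function Get-DenyList {
    param([string]$Policy)
    # A policy counts as enabled only when the DWORD named after it is 1;
    # its entries are string values in a subkey of the same name.
    $flag = (Get-ItemProperty -Path $base -Name $Policy -ErrorAction SilentlyContinue).$Policy
    if ($flag -ne 1) { return @() }
    $key = Get-Item -Path (Join-Path $base $Policy) -ErrorAction SilentlyContinue
    if (-not $key) { return @() }
    return @($key.GetValueNames() | ForEach-Object { [string]$key.GetValue($_) })
}

function Test-DmaPortPolicy {
    foreach ($e in $expected) {
        $list = Get-DenyList -Policy $e.Policy
        # The article prints the GUID without braces; compare ignoring braces and case.
        $want  = $e.Value.Trim('{}')
        $hit   = @($list | Where-Object { $_.Trim('{}') -ieq $want }).Count -gt 0
        # The "Retroactive" flag extends the block to devices that are already installed.
        $rName = "$($e.Policy)Retroactive"
        $retro = (Get-ItemProperty -Path $base -Name $rName -ErrorAction SilentlyContinue).$rName
        [pscustomobject]@{
            Target      = $e.Name
            Identifier  = $e.Value
            Blocked     = $hit
            Retroactive = ($retro -eq 1)
        }
    }
}

Test-DmaPortPolicy | Format-Table -AutoSize
```

A row with `Blocked = False` means the corresponding identifier is not present in an enabled policy on that machine; a row with `Retroactive = False` means a controller or driver installed before the policy was applied is not covered by it.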
Notes
The drawback of this mitigation is that external storage devices can no longer connect by using the 1394 port, and all PCI Express devices that are connected to the Thunderbolt port will not work.
If your hardware deviates from current Windows Engineering Guidance, it may enable DMA on these ports after you start the computer and before Windows takes control of the hardware. This opens your system to compromise, and this condition is not mitigated by this workaround.
Blocking the SBP-2 driver and Thunderbolt controllers does not protect against attacks on external or internal PCI slots (including M.2, Cardbus & ExpressCard).
More Information
For more information about DMA threats to BitLocker, see the following Microsoft Security blog: Windows BitLocker Claims
For more information about mitigations for cold attacks against BitLocker, see the following Microsoft Integrity Team blog:
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.