And that introduces a specific type of supply chain threat: someone who possesses a computer can infect their own computer, sell it or transfer it to the target, and then use the embedded microcode against the target, even if the target completely reformats and reinstalls a new OS from scratch.
That’s not going to affect most people, but for certain types of high value targets they now need to make sure that the hardware they buy hasn’t already been infected in the supply chain.
And that introduces a specific type of supply chain threat: someone who possesses a computer can infect their own computer, sell it or transfer it to the target, and then use the embedded microcode against the target, even if the target completely reformats and reinstalls a new OS from scratch.
That’s not going to affect most people, but for certain types of high value targets they now need to make sure that the hardware they buy hasn’t already been infected in the supply chain.