Just tested the script provided by the researchers [1]. Yep, it works, and my system is vulnerable.<p>----------<p>[1] <a href="https://raw.githubusercontent.com/eset/malware-research/master/kr00k/kr00k.py" rel="nofollow">https://raw.githubusercontent.com/eset/malware-research/mast...</a>
When Kr00k was released we almost knows that this isn't special "feature" only for Broadcom chips. And was just matter of time Qualcomm to be hit with similar.
I’ve never understood this: When TLS gets updated seemingly yearly, why should we trust crypto implemented in hardware and set in stone by standards ages ago?