Switch to SSD Crucial MX500 They are among the oldest and have historically been the best-selling in the world, and although they are 2.5-inch units with a SATA 3 interface, today many users still keep them active on their PC. If you are one of them, be careful because a vulnerability which could make your computer a target for external attacks, but don’t worry because we explain everything below.
Specifically, the vulnerability has been named CVE-2024-42642, and this may mean that the SSD is vulnerable to attacks from buffer overflow which, in short, can cause data leaks; in other words, a malicious attacker could take advantage of this vulnerability to access data stored on your SSD.
How to know if your Crucial MX500 SSD is affected
Fortunately, to our knowledge, this vulnerability only affects the latest version of SSD firmware, the M3CR046So unless you updated your SSD firmware relatively recently, your drive should be unaffected. This firmware was made available to users in May of this year 2024, so if you haven’t updated your firmware since then, you should be safe.
In any case, it is easy to check the firmware of your device. To do this, you can use applications like CrystalDisk Info, which is free, and when you run it, you will see that the version of its firmware will appear just below the name of the SSD. We mark it in red in the following image, which although it is not a Crucial MX500, the information is in the same place and will serve as a reference.
If your SSD firmware is not M3CR046, then you have nothing to worry about and in theory you are safe from this vulnerability. However, if you have recently updated the firmware of your Crucial MX500 SSD and, after checking as we have indicated, you do indeed have the M3CR046 firmware, then your PC is currently vulnerable to possible attacks as we explained in the introduction.
What to do in these cases? Well, for starters, you should know that Crucial is already working on a solution, and they should soon release a new firmware update for the MX500 that fixes the vulnerability. Unfortunately, in the meantime, there’s not much you can do except not use the SSD; after all, it’s a SATA 3 SSD that was released over 6 years ago, and it’s probably not the main drive in your system. In this case, you can always temporarily disconnect it from the PC.
We also tell you something else: when a hardware device has been affected by a vulnerability, it does not mean that your PC will be hacked because of it. That this possibility exists is a reality, yes, but the chances of it happening to you are quite slim. Now, be warned: if you are affected and continue to use the SSD, it “could” happen to you.
