Is it affected by Thunderspy?

All Thunderbolt controllers are successible to a "Thuderspy" type of attack on Windows 10 up until 1909 (I couldn't find data on 2004, the May 2020 update) and certain Linux distributions. Fortunately this attack is highly targeted and requires physical access to the thunderbolt equipped workstation and also some way of accessing any device that you might plug into a port connected to the exploited controller. Unless you are in a scenario where this is not only possible but also highly probable, it shouldn't be too high up on the concerns list.

SihastruAll Thunderbolt controllers are successible to a "Thuderspy" type of attack on Windows 10 up until 1909 (I couldn't find data on 2004, the May 2020 update) and certain Linux distributions. Fortunately this attack is highly targeted and requires physical access to the thunderbolt equipped workstation and also some way of accessing any device that you might plug into a port connected to the exploited controller. Unless you are in a scenario where this is not only possible but also highly probable, it shouldn't be too high up on the concerns list.

Oh, you see, it's not the practical execution I'm worried about. It's the fact that intel (and many others) are so lazy when it comes to security.
Issues with Thunderbolt are so blatant that Thunderbolt should have stayed on some draft paper, had anyone with at least a common sense glanced at it. Meaning - intel didn't care either way.

Please don't block-quote the message directly above your message.

That being said, I disagree with you wholeheartedly. You should read the tech paper on "Thunderspy", the exploit literally requires that the attacker reflashes the Thunderbolt firmware using specialized hardware that amounts to about $600, not a large sum, but a hurdle for most, for sure. This new firmware literally disables most, if not all, security features implemented by Intel. After this step, the problem lies almost exclusively with the OS implementation of certain things.

This type of "exploit" is technically possible on most hardware devices that use firmware. The only way of circumventing it would probably be some kind of always on internet connected DRM. And that's a different kind of can of worms altogether. This type of "exploit" could make its way in the tech security news section only by ways of the bandwagon effect.

Honestly, this add-on card should be given for free to their Owners, especially those of the Z490 boards which are ridiculously priced this generation.