Tag

Firmware Attack

All articles tagged with #firmware attack

Widespread Vulnerability: LogoFAIL Exploit Threatens Windows and Linux Devices

Originally Published 2 years ago — by Slashdot

Researchers have discovered a series of vulnerabilities, known as LogoFAIL, in the Unified Extensible Firmware Interfaces (UEFIs) of Windows and Linux devices. These vulnerabilities allow for the undetectable installation of malicious code during the boot process by replacing legitimate logo images with specially crafted ones. The vulnerabilities affect UEFI suppliers, device manufacturers, and CPU makers. Once arbitrary code execution is achieved, attackers have full control over the device's memory and disk, including the operating system. The best defense against LogoFAIL attacks is to install UEFI security updates and configure multiple layers of defenses, such as Secure Boot and Intel Boot Guard.

technology cybersecurity cybersecurity firmware-attack linux logofail uefi windows

LogoFAIL: New Firmware Attack Exploits UEFI Vulnerabilities on Windows and Linux Devices

Originally Published 2 years ago — by Ars Technica

A new firmware attack called LogoFAIL has been discovered, affecting hundreds of Windows and Linux computer models from various hardware makers. The attack exploits vulnerabilities in Unified Extensible Firmware Interfaces (UEFIs) responsible for booting devices, allowing for the execution of malicious firmware early in the boot-up sequence. LogoFAIL can be remotely executed and bypasses traditional endpoint security products, including Secure Boot. The vulnerabilities have been disclosed by multiple companies, and security patches are being released. The attack gives threat actors control over the memory and disk of the target device, compromising platform security.

technology cybersecurity cybersecurity firmware-attack linux logofail vulnerability windows