Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion
‎12-07-2023 04:38 PM
‎12-07-2023 04:38 PM

Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

Hi All

 

An interesting technique which affects Windows and Linux devices due to LogoFAIL firmware attack.

 

https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new...

 

A nice comprehensive explanation.

 

Regards

 

Caute_Cautim

 

 

Reply
1 Reply
JoePete
Advocate I
‎12-08-2023 08:17 AM
‎12-08-2023 08:17 AM

A good example of the double-edge sword of "softening" firmware through UEFI. Sure, you can update/patch it easily, which means, so too can malware. What UEFI has essentially done is to set standard procedure for malware recovery to "buy a new laptop."

 

That said, to pull off this other other attacks would require an initial compromise of the OS (so that it could then update UEFI). Granted that is not a huge hurdle given the range of vulnerabilities.

 

Reply