cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

Hi All

 

An interesting technique which affects Windows and Linux devices due to LogoFAIL firmware attack.

 

https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new...

 

A nice comprehensive explanation.

 

Regards

 

Caute_Cautim

 

 

1 Reply
JoePete
Advocate I

A good example of the double-edge sword of "softening" firmware through UEFI. Sure, you can update/patch it easily, which means, so too can malware. What UEFI has essentially done is to set standard procedure for malware recovery to "buy a new laptop."

 

That said, to pull off this other other attacks would require an initial compromise of the OS (so that it could then update UEFI). Granted that is not a huge hurdle given the range of vulnerabilities.