Researchers find serious vulnerabilities in UEFI
MITRE researchers have found two vulnerabilities in UEFI, the platform that has largely replaced the BIOS. As a result, an attacker with administrator rights can, for example, flash their own firmware to the UEFI chip on Windows 8.
The two vulnerabilities allow attackers to do absolutely anything they want, say researchers at MITRE, a non-profit research institution. For example, a computer can be infected with a rootkit that remains even after the operating system is reinstalled. As a demonstration, the researchers built malware that is permanently present in the system management mode of x86 processors and that cannot be detected by the user. In addition, Secure Boot can be disabled, and a computer could be permanently bricked.
The vulnerabilities are in Intel's reference implementation for UEFI chips, which has been adopted by many other companies. At the least, UEFI chips from Intel itself, as well as Phoenix, AMI and HP, are affected. 1500 systems from HP are said to be affected; updates will now be issued for those systems. Dell's UEFI chips contain the vulnerable code, but an attack proves ineffective; the vulnerable code will nevertheless be removed completely to be safe. It is unclear what the situation is for manufacturers such as Acer, Asus, Gigabyte and MSI.
The integer overflow vulnerabilities allow an attacker to inject their own code. At the least, the vulnerabilities can be exploited under Windows 8, which offers a special API for updating the UEFI firmware. It is not yet clear whether other operating systems can also be used for an attack on the UEFI firmware.
Under Windows 8, an attacker must have administrator rights to exploit the vulnerabilities, but another vulnerability could be exploited to obtain them. For example, a Windows vulnerability recently surfaced that allows attackers to inject their own code via Office objects; if a user is logged in as administrator, that code will run as administrator.
It is not yet clear whether the vulnerability has been exploited. The researchers advise users to update their BIOS as soon as possible. The researchers also believe that the source code of UEFI firmware should be open to inspection.