all InfoSec news
New Windows/Linux Firmware Attack
Security Boulevard securityboulevard.com
Interesting attack based on malicious pre-OS logo images:
LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux….
The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs …
attack bios companies constellation coordinated devices disclosure exploits firmware images linux logo logofail malicious responsible run vulnerabilities windows