Security News > 2021 > June > Microsoft's new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices
Vulnerabilities in firmware are a steadily growing percentage of the new issues added to the NIST National Vulnerability Database: five times as many attacks are happening as only four years ago.
All that is why Microsoft is buying ReFirm Labs, home of the open-source Binwalk tool, whose Centrifuge firmware platform automates the process of running static analysis to discover what firmware vulnerabilities you're already exposed to.
Most security technology depends on firmware to securely store credentials; if the firmware is compromised, so is the endpoint protection tool.
Firmware is a potential security issue on PCs, servers, IoT devices, network routers and a lot of other equipment.
"Every modern computing device is usually composed of six to seven - if not more on a server - different operating systems, one of which we have visibility into. Take a Surface laptop: you've got a Wi-Fi chip in there, running something like ThreadX, a real-time operating system that [Microsoft] bought [in 2019], you've got an SSD, with a separate embedded controller with a separate version of Linux: what's in that SSD?". Some IoT devices are well designed with good security options like secure boot and address space layout randomisation; others have open ports and absurdly vulnerable default passwords.
An experienced security researcher like Weston can use tools like BinWalk to investigate, but even getting to the point where you can perform static analysis to look for vulnerabilities in firmware has been a manual process involving a lot of scripting and unpacking that ReFirm makes faster and simpler.
News URL
Related news
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package (source)