Security News > 2021 > June > Microsoft's new security tool will discover firmware vulnerabilities, and more, in PCs and IoT devices

Vulnerabilities in firmware are a steadily growing percentage of the new issues added to the NIST National Vulnerability Database: five times as many attacks are happening as only four years ago.

All that is why Microsoft is buying ReFirm Labs, home of the open-source Binwalk tool, whose Centrifuge firmware platform automates the process of running static analysis to discover what firmware vulnerabilities you're already exposed to.

Most security technology depends on firmware to securely store credentials; if the firmware is compromised, so is the endpoint protection tool.

Firmware is a potential security issue on PCs, servers, IoT devices, network routers and a lot of other equipment.

"Every modern computing device is usually composed of six to seven - if not more on a server - different operating systems, one of which we have visibility into. Take a Surface laptop: you've got a Wi-Fi chip in there, running something like ThreadX, a real-time operating system that [Microsoft] bought [in 2019], you've got an SSD, with a separate embedded controller with a separate version of Linux: what's in that SSD?". Some IoT devices are well designed with good security options like secure boot and address space layout randomisation; others have open ports and absurdly vulnerable default passwords.

An experienced security researcher like Weston can use tools like BinWalk to investigate, but even getting to the point where you can perform static analysis to look for vulnerabilities in firmware has been a manual process involving a lot of scripting and unpacking that ReFirm makes faster and simpler.

News URL

https://www.techrepublic.com/article/microsofts-new-security-tool-will-discover-firmware-vulnerabilities-and-more-in-pcs-and-iot-devices/#ftag=RSS56d97e7