Security News

More ASUS customers can now install Windows 11 24H2 after applying a BIOS update that resolves blue screen of death (BSOD) issues acknowledged in October. [...]

Devices on six-year-old firmware vulnerable to takeover and destruction Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to...

BIOS/UEFI vulnerabilities in the iSeq 100 DNA sequencer from U.S. biotechnology company Illumina could let attackers disable devices used for detecting illnesses and developing vaccines. [...]

MSI has released BIOS updates to fix a known issue that triggers blue screens of death on Windows computers after installing August 2023 preview updates. "The new BIOS coming will include an update on the Intel CPU uCode which will prevent any more messages regarding the 'UNSUPPORTED PROCESSOR' issues. This upcoming update will correspond to both 13th-generation and newer ones," MSI said on Wednesday.

Qualcomm on Tuesday released patches to address multiple security flaws in its chipsets, some of which could be exploited to cause information disclosure and memory corruption. The five vulnerabilities - tracked from CVE-2022-40516 through CVE-2022-40520 - also impact Lenovo ThinkPad X13s laptops, prompting the Chinese PC maker to issue BIOS updates to plug the security holes.

Source code for the BIOS used with Intel's 12th-gen Core processors has been leaked online, possibly including details of undocumented model-specific registers and even the private signing key for Intel's Boot Guard security technology. </p. Other folks have claimed to the file contains tools for provisioning or tweaking BIOS images, as well as Intel's reference implementation of the Alder Lake UEFI and an OEM implementation, said to be that of Lenovo.

Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021.

Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers. On Friday, a Twitter user named 'freak' posted links to what was said to be the source code for Intel Alder Lake's UEFI firmware, which they claim was released by 4chan.

Chinese computer manufacturer Lenovo has issued a security advisory to warn of several high-severity BIOS vulnerabilities impacting hundreds of devices in the various models. CVE-2022-40134: Information leak flaw in the SMI Set Bios Password SMI Handler, allowing an attacker to read SMM memory.

Five new security weaknesses have been disclosed in Dell BIOS that, if successfully exploited, could lead to code execution on vulnerable systems, joining the likes of firmware vulnerabilities recently uncovered in Insyde Software's InsydeH2O and HP Unified Extensible Firmware Interface. "The active exploitation of all the discovered vulnerabilities can't be detected by firmware integrity monitoring systems due to limitations of the Trusted Platform Module measurement," firmware security company Binarly, which discovered the latter three flaws, said in a write-up.