Security News
Infosec in brief Protecting computers' BIOS and the boot process is essential for modern security - but knowing it's important isn't the same as actually taking steps to do it. Take the research published last week by security boffins at firmware security vendor Binarily.
On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022.
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. As the Binarly Research Team found, affected devices use a test Secure Boot "Master key"-also known as Platform Key-generated by American Megatrends International, which was tagged as "DO NOT TRUST" and that upstream vendors should've replaced with their own securely generated keys.
The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked...
A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source reference implementation of the UEFI specification widely used in enterprise computers and servers. The flaws are present in the PXE network boot process, which is crucial for provisioning operating systems in data centers and high-performance computing environments, and a standard procedure for loading OS images from the network at boot.
Since Friday, Windows users have reported problems with the operating system freezing shortly after booting, an issue linked to a faulty update for Avira's security software. A considerable number of Windows 11 and Windows 10 customers have experienced these system freezes, with most linking the issues to Avira.
Widespread Windows and Linux Vulnerabilities Could Let Attackers Sneak in Malicious Code Before Boot
Widespread Windows and Linux Vulnerabilities Could Let Attackers Sneak in Malicious Code Before Boot Lenovo, AMI and Insyde have released patches for LogoFAIL, an image library poisoning attack. Researchers at firmware supply chain security platform company Binarly discovered a set of security vulnerabilities that open almost all Windows and Linux computers up to attack.
According to complaints from Windows admins, the issue is triggered after installing KB5031361 and KB5031364 on Windows Server 2019 and Windows Server 2022 systems. When it released the buggy cumulative updates, the company revised the support document for KB5031364, including and removing a known issue related to VMware ESXi, describing boot issues encountered by guest VMs operating Windows Server 2022 with Secure Boot enabled.
Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on June 15, 2023, if the devices are not upgraded to the latest firmware, version 5.26.202. "Devices on firmware below 5.26.202 will not be able to connect to Western Digital cloud services starting June 15, 2023, and users will not be able to access data on their device through mycloud.com and the My Cloud OS 5 mobile app until they update the device to the latest firmware," explains a Western Digital support bulletin.