LogoFAIL exploit bypasses hardware and software security measures and is nearly impossible to detect or remove

Wed, 10 Jan 2024 20:06:54 +1100

Andrew Pam <xanni [at] glasswings.com.au>

<https://www.tomshardware.com/pc-components/motherboards/logofail-exploit-bypasses-hardware-and-software-security-measures-and-is-nearly-impossible-to-detect-or-remove>

"Computers running Windows or Linux are vulnerable to a new type of firmware
attack called LogoFAIL, according to a report from Ars Technica. This attack
has proven to be extremely effective because it rewrites the logo that
typically appears when the system boots after a successful POST (hence the
name, "LogoFAIL"), which is early enough that it can bypass security measures
designed to prevent bootkit attacks.

The issue affects any motherboards using UEFI provided by Independent BIOS
Vendors (IBVs). IBVs such as AMI, Insyde, and Phoenix will need to release UEFI
patches to motherboard companies. Because of the way LogoFAIL overwrites the
boot-up logo in the UEFI, the exploit can be executed on any platform using
Intel, AMD, or ARM running any Windows operating system or Linux kernel. It
works because of the way the rewriteable boot logo is executed when the system
turns on. It affects both DIY and prebuilt systems with certain functions kept
open by default."

POST = Power On Self Test

Cheers,
       *** Xanni ***
--
mailto:xanni@xanadu.net               Andrew Pam
http://xanadu.com.au/                 Chief Scientist, Xanadu
https://glasswings.com.au/            Partner, Glass Wings
https://sericyb.com.au/               Manager, Serious Cybernetics
