23 Major BIOS Vulnerabilities Discovered, Impact Intel, Lenovo, Others

News has emerged of 23 new vulnerabilities that are particularly nefarious because the UEFI/BIOS-based attacks bypass security mechanisms and persist after drive formats and system re-installations, and attackers can exploit the vulnerabilities remotely. Security experts at Binarly have discovered 23 high-impact vulnerabilities hiding in BIOS/UEFI software from a multitude of system vendors, including Intel, Microsoft, Lenovo, Dell, Fujitsu, HP, HPE, Siemens, and Bull Atos (via Bleeping Computer). These vulnerabilities include SMM Callout or Privilege Escalation, SMM Memory Corruption, and DXE Memory corruption. 

Last week found news emerged of the MoonBounce malware that hides in your BIOS chip, but Binarly’s disclosure indicates a wide range of UEFI vulnerabilities that can be used as a springboard to install malware, or even new infected firmware images. 

Source News

Next Post

Arid Viper hackers strike Palestine with political lures and Trojans

Wed Feb 2 , 2022
The Arid Viper cyberattack group is back with a new campaign targeting Palestinian organizations and activists.  The advanced persistent threat (APT) group, believed to be located in Gaza — an area of conflict and hotbed of tension between Israel and Palestine — attacks organizations worldwide but now currently appears to […]

You May Like