Intel, AMD, Microsoft and others could be at risk if UEFI flaw is left unpatched
Researchers at Binarly, a firmware protection company that looks into software vulnerabilities, has just found major flaws in the InsydeH2O UEFI firmware that could allow remote attackers admin privileges through the interface.
InsydeH2O's UEFI is the preferred boot software interface used by Microsoft, Intel, AMD, Lenovo, Asus, HP, and many other well known hardware vendors, as an alternative to legacy BIOS modes for booting up your machine.
Intel, one of the companies that's confirmed it's been affected, announced a while back that it planned to completely replace BIOS by 2020, which it did. Along with many other OEMs, the UEFI firmware was favoured due to its many advantages, including the ability to boot from larger drives, a slicker settings UI, and speedier boot times. One of the main benefits was is its ability to SecureBoot.
For that reason, UEFI has been widely considered the safer boot option.
As Bleeping Computer highlights, the vulnerability discovered could allow attackers to gain admin privileges, and exploit the target PC in a few ways. These include the ability to invalidate hardware security features such as SecureBoot and Intel BootGuard, install persistent software that's hard to detect and erase, as well as create backdoors and communications channels to rob users of their personal data.
Altogether, 23 flaws were detected. Ten of these could allow some nasty so-and-so privilege escalation ability, twelve could have them exploiting your PC through memory corruption flaws in System Management Mode (SMM), and one is a memory corruption vulnerability inside the Driver eXecution Environment (DXE).
Best gaming PC: the top pre-built machines from the prosBest gaming laptop: perfect notebooks for mobile
Read more on pcgamer.com
