Oh C’mon! Do We Really Need This On A Friday?
There is yet another way to get one of the nastiest types of infections going, that being a UEFI bootkit. This type of malware hides in the extra space in your UEFI BIOS and is able to happily avoid detection by any of your scanners, since they can’t access that chip. The bootkit can then infect you with a variety of other malware, and even if you happen to detect and remove it, next reboot it will happen again since the actual infection is in your motherboard’s CMOS. There have been a few discovered already, but LogoFAIL is a new one, and exactly the type of thing to ruin someone’s day.
As the name implies, LogoFAIL describes a way in which “an attacker could store a malicious image or logo on the EFI System Partition” in some sort of malicious use of steganography. Since the infection is in the image file, LogoFAIL doesn’t need to modify the bootloader nor the firmware on your UEFI like previous bootkits have done, which makes it even harder to find. The bootloader is not hardware dependent; it will happily infect any motherboard or similar device, and it completely avoids any secure boot protections from any of the vendors that offer that type of protection.
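Because the payload lives in an image file on the EFI System Partition rather than in the bootloader or firmware, one practical defensive check is simply to inventory the ESP for image content and compare it against a known-good baseline. The script below is an added example written for this post, not code from the article or from the LogoFAIL researchers. It identifies image files by their leading magic bytes (so a renamed extension does not hide them), hashes them with SHA-256, and reports anything that is not in a baseline of (path, hash) pairs. The baseline dictionary and the sample ESP layout it builds in a temporary directory are constructed for the demonstration; on a real system you would point `scan_esp()` at the mounted ESP (for example `/boot/efi` on many Linux installs) and keep the baseline from a clean snapshot.

```python
import hashlib
import tempfile
from pathlib import Path

# Leading bytes of the image formats a firmware logo parser commonly accepts.
IMAGE_MAGIC = {
    b"BM": "bmp",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
    b"\xff\xd8\xff": "jpeg",
}


def detect_image_type(head: bytes):
    """Return the image format implied by the first bytes, or None if not an image."""
    for magic, name in IMAGE_MAGIC.items():
        if head.startswith(magic):
            return name
    return None


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def scan_esp(root, baseline):
    """Walk a mounted ESP and return one finding per image-like file.

    baseline maps ESP-relative POSIX paths to expected SHA-256 hex digests.
    status is 'known' (matches baseline), 'modified' (path known, hash differs)
    or 'unexpected' (image content at a path the baseline never listed).
    """
    root = Path(root)
    findings = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        with open(path, "rb") as f:
            head = f.read(16)
        kind = detect_image_type(head)
        if kind is None:
            continue  # bootloaders, drivers, config files: not logo material
        rel = path.relative_to(root).as_posix()
        digest = sha256_file(path)
        if rel not in baseline:
            status = "unexpected"
        elif baseline[rel] != digest:
            status = "modified"
        else:
            status = "known"
        findings.append({"path": rel, "type": kind, "sha256": digest, "status": status})
    return findings


def build_sample_esp(directory):
    """Create a constructed sample ESP layout for the demo (not a real ESP image)."""
    d = Path(directory)
    (d / "EFI" / "BOOT").mkdir(parents=True)
    (d / "EFI" / "OEM").mkdir(parents=True)
    # Constructed vendor logo: BMP signature plus padding, stands in for the real file.
    (d / "EFI" / "OEM" / "logo.bmp").write_bytes(b"BM" + b"\x00" * 30)
    # Constructed PNG hidden behind a .bin extension; an extension filter would miss it.
    (d / "EFI" / "BOOT" / "splash.bin").write_bytes(b"\x89PNG\r\n\x1a\n" + b"\x00" * 8)
    # Constructed PE-like bootloader stub (MZ header); must not be reported as an image.
    (d / "EFI" / "BOOT" / "BOOTX64.EFI").write_bytes(b"MZ" + b"\x00" * 62)
    return d


def demo(tamper: bool = False):
    """Build the sample ESP, baseline the vendor logo, optionally overwrite it, and scan."""
    with tempfile.TemporaryDirectory() as tmp:
        esp = build_sample_esp(tmp)
        logo = esp / "EFI" / "OEM" / "logo.bmp"
        baseline = {"EFI/OEM/logo.bmp": sha256_file(logo)}  # constructed known-good entry
        if tamper:
            # Simulate the logo being replaced after the baseline was taken.
            logo.write_bytes(b"BM" + b"\x01" * 30)
        return scan_esp(esp, baseline)


if __name__ == "__main__":
    for finding in demo():
        print(f"{finding['status']:>10}  {finding['type']:<4}  {finding['path']}")
```

Run it directly to see the two image findings from the sample layout: the baselined logo reports as `known` and the PNG masquerading as `splash.bin` as `unexpected`, while the MZ-headed bootloader stub is skipped. Calling `demo(tamper=True)` shows the `modified` case, which is the one a logo-replacement attack would produce against a real baseline. The scan only tells you an image is present or changed; it does not decide whether the image is malformed, so treat any `unexpected` or `modified` result as something to examine rather than as proof of compromise.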
Ready for happy hour at your favourite local yet?
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits.
More Tech News From Around The Web
- Uh-oh, update Google Chrome – exploit already out there for one of these 6 security holes @ The Register
- Absolutely Everything About The Coleco Adam, 8-bit Home Computer @ Hackaday
- Apple fixes two new iOS zero-days in emergency updates @ Bleeping Computer
- Meta goes to war with FTC over right to profit from kids’ personal data @ The Register
- Windows 10 KB5032278 update adds Copilot AI assistant, fixes 13 bugs @ Bleeping Computer
- Meta yanks VR headset’s strap-on booster battery after charging bricks it @ The Register
- Falsified Photos: Fooling Adobe’s Cryptographically-Signed Metadata @ Hackaday
- Time to take action: Google’s inactive account purge begins Friday @ The Register
- GAMDIAS ZELUS M3 WEAVE Gaming Chair Review @ NikKTech
- Boulies Master Series Gaming Chair @ Guru of 3D
As usual “Making it PRETTY” instead of “Making it GOOD” is the cause of computing problems. Having to decode a colorful compressed image opened the door to poorly checked commercial library software. It’s long past time for Strict Liability in commercial software, firmware, and “smart” devices, so that no disclaimer can absolve guilt for management choosing profit over perfection.