UEFIs booting Windows and Linux devices can be hacked by malicious logo images.

Dan Goodin - 12/6/2023, 3:02 PM

  • wincing_nucleus073@lemm.ee
    link
    fedilink
    arrow-up
    16
    arrow-down
    2
    ·
    11 months ago

    this is a physical access attack. if they already have physical access they can do a million other things too. this is kind of not important to be fair.

    • Grunt4019@lemm.ee
      link
      fedilink
      arrow-up
      7
      ·
      11 months ago

      There is a remote vector as well beyond just physical access.

      There are several ways to exploit LogoFAIL. Remote attacks work by first exploiting an unpatched vulnerability in a browser, media player, or other app and using the administrative control gained to replace the legitimate logo image processed early in the boot process with an identical-looking one that exploits a parser flaw. The other way is to gain brief access to a vulnerable device while it’s unlocked and replace the legitimate image file with a malicious one.