Many commercial computers are vulnerable to a set of vulnerabilities that exploit flaws in the processing of startup logos during boot.
Security researchers at Binarly have disclosed security vulnerabilities in system firmware used by computer manufacturers during the boot process. The vulnerability impacts x86 and ARM-based devices.
The set of vulnerabilities is found in BIOS software created by different companies, including the three largest independent bios vendors AMI, Insyde and Phoenix. These are widely used in the industry, for instance in computers by Intel, Acer or Lenovo. Alex Matrosov, CEO at Binarly, says that about 95% of all computers use firmware from the three bios vendors.
Binarly says that it estimates that almost any device produced by these vendors is vulnerable "in one way or another".
In simple terms, LogoFail exploits vulnerabilities in image parsers that affected devices use to display vendor logos during boot. Different image parsers are used to display different image types, and "they are rife with vulnerabilities" according to Matrosov.
A hacker needs to replace the vendor image with a specially prepared one to exploit the vulnerability and execute arbitrary code on the machine. Binarly explains that attackers may store malicious logo images on the EFI System Partition or inside unsigned sections of a firmware update. The images are then parsed during boot and this initiates the attack on the device.
The attack allows attackers to bypass security features such as Secure Boot. Binarly notes that this also affects hardware-based Verified Boot systems, including Intel Boot Guard, AMD Hardware-Validated Boot and ARM TrustZone-based Secure Boot.
Binarly believes that the attacker may be able to bypass "most endpoint security solutions" and integrate a persistent stealth firmware bootkit on the system. In other words, attackers may exploit LogoFail to compromise the security of many computer systems.
Attackers need to gain administrative access on target devices to exploit the vulnerability. This can be achieved through malicious payloads planted on the system, for instance by getting the user to run malicious software, or through exploits.
Once access is gained, the attacker would replace the vendors boot logo with a malicious logo, which the device would then load during boot.
An attacker would be able to disable UEFI security features, such as SecureBoot, modify the boot order and execute malicious software to infect operating systems.
Firmware updates are available or will be released for some of the affected devices. Administrators may want to check for firmware updates for devices that they manage that address the vulnerabilities. Not all devices will receive firmware updates, however. Especially devices that are no longer in support may not receive them.
A search for "device name firmware update" or "device name drivers" should return the driver download website of the manufacturer of the device.
Users on devices without firmware updates need to be extra cautious and use protections to avoid the initial attack on the device (which needs administrative access).
Additional information about the vulnerability is found on the Binarly website and on the CERT database.
OpenAI has made GPT-4.1 more widely available, as ChatGPT Plus, Pro, and Team users can now access the AI model. On Wednesday, the brand announced tha
A Chat-GPT screenless phone could be on the horizon and it should be something Apple is worried about when it comes to iPhone.Apple is already struggl
OpenAI did text generation and image generation separately for quite a while, but that all changed a couple of weeks ago when it added image capabilit
Barely a few weeks ago, Google introduced a new AI Search mode. The idea is to provide answers as a wall of text, just the way an AI chatbot answers y
ElevenLabs, the buzzy New York-based company specializing in AI audio tools, is diving headfirst into the world of audiobook publishing. Merely days a
OpenAI released its Sora text-to-video generation tool late in 2024, and expanded it to the European market at the end of February this year. It seems
An empty Maserati MC20 driven by an AI system recently set a new speed record for an autonomous vehicle, reaching a blistering 197.7 mph (318 kph) at
Elon Musk was one of the founding members of OpenAI, but made a sour exit before ChatGPT became a thing. The billionaire claims he wasn’t happy with t
We are a comprehensive and trusted information platform dedicated to delivering high-quality content across a wide range of topics, including society, technology, business, health, culture, and entertainment.
From breaking news to in-depth reports, we adhere to the principles of accuracy and diverse perspectives, helping readers find clarity and reliability in today’s fast-paced information landscape.
Our goal is to be a dependable source of knowledge for every reader—making information not only accessible but truly trustworthy. Looking ahead, we will continue to enhance our content and services, connecting the world and delivering value.
