"'LogoFail' Vulnerabilities May Affect 95% Of Computers, Researchers Say"

According to researchers, firmware vulnerabilities that may impact 95 percent of computers allow hackers to bypass boot security and execute malware upon startup. The flaws come from image parsers in Unified Extensible Firmware Interface (UEFI) system firmware that are used to load logo images on startup screens. Therefore, the vulnerabilities are collectively named "LogoFAIL." Hundreds of consumer and enterprise-grade devices from different vendors, including Intel, Acer, and Lenovo, could be affected, according to researchers from the firmware supply chain security company Binarly, who discovered the bugs. A hacker needs to have access to the EFI System Partition (ESP), where the logo image is stored, in order to exploit LogoFAIL. They need to have gained remote access by exploiting other bugs or have physical access to the device. This article continues to discuss the firmware vulnerabilities impacting most computers that enable hackers to execute malicious code and bypass boot security systems.

SC Magazine reports "'LogoFail' Vulnerabilities May Affect 95% Of Computers, Researchers Say"

Submitted by grigby1