Researchers have found backdoor-like behavior within Gigabyte systems, which enables the UEFI firmware to drop a Windows executable and retrieve updates in an unsecure format.
According to The Hacker News, the utility allows attackers to launch malicious code into the firmware and then download and execute it.
This is because most Gigabyte firmware includes a Windows Native Binary executable embedded inside.
Eclypsium’s John Loucaides explains the exploit in an article published by The Hacker News.
He says that since firmware updates do not receive high uptake from end-users, he hopes that adding an update application in firmware might help.
However, he warns that the irony of an attack that relies on a highly insecure update application, backed into firmware to automatically download and run a payload, is not lost.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply