Expert Commentary: Millions Of Windows 10 PCs Exposed By Nasty Security Vulnerability

By   ISBuzz Team
Writer , Information Security Buzz | Sep 28, 2021 02:25 am PST


Security researchers have found a flaw in Microsoft’s implementation of the Microsoft Windows Platform Binary Table (WPBT) mechanism, which can be exploited to compromise computers running Windows 8 and Windows 10 operating systems.

Microsoft describes WPBT as a fixed firmware Advanced Configuration and Power Interface (ACPI) table that was introduced with Windows 8 to enable OEMs and vendors to execute programs every time the Windows device boots up.

“The Eclypsium research team has identified a weakness in Microsoft’s WPBT capability that can allow an attacker to run malicious code with kernel privileges when a device boots up,” note the researchers.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Hugo Van den Toorn
Hugo Van den Toorn , Manager, Offensive Security
September 28, 2021 10:26 am

<p>This vulnerability highlights the importance of a layered security approach. In both the physical supply chain and the different layers of physical hardware and virtual operating systems, there is a multitude of attack vectors threat actors may exploit to thwart security. With a firmware attack such as the one discovered, attackers would be able to gain deep-rooted persistent access to a device. As we cannot rely on solely the operating system to identify and remediate such an attack after compromise. This calls for more in-depth defenses and security measures such as <a href=\"\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"\">Microsoft Secured-core</a>.</p>

Last edited 2 years ago by Hugo Van den Toorn

Recent Posts

Would love your thoughts, please comment.x