Expert Commentary: Millions Of Windows 10 PCs Exposed By Nasty Security Vulnerability
By   ISBuzz Team
Writer , Information Security Buzz | Sep 28, 2021 02:25 am PST

BACKGROUND:

Security researchers have found a flaw in Microsoft’s implementation of the Microsoft Windows Platform Binary Table (WPBT) mechanism, which can be exploited to compromise computers running Windows 8 and Windows 10 operating systems.

Microsoft describes WPBT as a fixed firmware Advanced Configuration and Power Interface (ACPI) table that was introduced with Windows 8 to enable OEMs and vendors to execute programs every time the Windows device boots up.

“The Eclypsium research team has identified a weakness in Microsoft’s WPBT capability that can allow an attacker to run malicious code with kernel privileges when a device boots up,” note the researchers.

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Hugo Van den Toorn
Hugo Van den Toorn , Manager, Offensive Security
September 28, 2021 10:26 am

<p>This vulnerability highlights the importance of a layered security approach. In both the physical supply chain and the different layers of physical hardware and virtual operating systems, there is a multitude of attack vectors threat actors may exploit to thwart security. With a firmware attack such as the one discovered, attackers would be able to gain deep-rooted persistent access to a device. As we cannot rely on solely the operating system to identify and remediate such an attack after compromise. This calls for more in-depth defenses and security measures such as <a href=\"https://u7061146.ct.sendgrid.net/ls/click?upn=4tNED-2FM8iDZJQyQ53jATUdV3pAdrG82pKqP0kRJ-2BiHBXsbatXqJc1dh5A4MiresdqqNyTlEvmkDXMVr-2F1TTtsL6eULCJBCZ31D5fI7MqJccbZDbOaDd2EjSZ-2F-2FxsEminvmxk_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGbACtpGEOUo9gKA7RdPV7CHYnRZ1BgjoepqPsAq5T4X7K-2Bw26wspumVv2xNKnDUQkY6ae354Eas3IUN-2BJ6z3tAKymBt6ougLP3Cr23OXZ6795v-2BxAUn3Wf-2FDqJQpUJt6fsyKMib8jkZ6mQM-2BBbWDtN-2FNc2lO1jOwgQzNc3xuf1HY-2BLf48lQZRuKzoL5PsGSJRgpgdIKXzJLyTnYJVwJsjFbR7EPT0h7kaZ6t1P9XJj-2FRw67CZ-2BcUhxTu5tv8S-2FkQqRGL6DbPqGoCFqfheumiKLZTC8AyPTpXKJzXidj3fQyT\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://u7061146.ct.sendgrid.net/ls/click?upn4tNED-2FM8iDZJQyQ53jATUdV3pAdrG82pKqP0kRJ-2BiHBXsbatXqJc1dh5A4MiresdqqNyTlEvmkDXMVr-2F1TTtsL6eULCJBCZ31D5fI7MqJccbZDbOaDd2EjSZ-2F-2FxsEminvmxk_S3RA1gMvL7v1TdZrqvF2X48vY2LyH9KYdxKxBaPFp6Fl1TEEsXDQbgk-2FWPw9Ah5nwh5z3HPLIw79cePUeHvYGbACtpGEOUo9gKA7RdPV7CHYnRZ1BgjoepqPsAq5T4X7K-2Bw26wspumVv2xNKnDUQkY6ae354Eas3IUN-2BJ6z3tAKymBt6ougLP3Cr23OXZ6795v-2BxAUn3Wf-2FDqJQpUJt6fsyKMib8jkZ6mQM-2BBbWDtN-2FNc2lO1jOwgQzNc3xuf1HY-2BLf48lQZRuKzoL5PsGSJRgpgdIKXzJLyTnYJVwJsjFbR7EPT0h7kaZ6t1P9XJj-2FRw67CZ-2BcUhxTu5tv8S-2FkQqRGL6DbPqGoCFqfheumiKLZTC8AyPTpXKJzXidj3fQyT&source=gmail&ust=1632910651174000&usg=AFQjCNEXzT3MavDerLhQuv2571KbUXcUFg\">Microsoft Secured-core</a>.</p>

Last edited 2 years ago by Hugo Van den Toorn
0
Reply

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

 

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts

1
0
Would love your thoughts, please comment.x
()
x