Expert Commentary: Millions Of Windows 10 PCs Exposed By Nasty Security Vulnerability

BACKGROUND:

Security researchers have found a flaw in Microsoft’s implementation of the Microsoft Windows Platform Binary Table (WPBT) mechanism, which can be exploited to compromise computers running Windows 8 and Windows 10 operating systems.

Microsoft describes WPBT as a fixed firmware Advanced Configuration and Power Interface (ACPI) table that was introduced with Windows 8 to enable OEMs and vendors to execute programs every time the Windows device boots up.

“The Eclypsium research team has identified a weakness in Microsoft’s WPBT capability that can allow an attacker to run malicious code with kernel privileges when a device boots up,” note the researchers.

Expert Comments

September 28, 2021
Hugo Van den Toorn
Manager, Offensive Security
Outpost24

This vulnerability highlights the importance of a layered security approach. In both the physical supply chain and the different layers of physical hardware and virtual operating systems, there is a multitude of attack vectors threat actors may exploit to thwart security. With a firmware attack such as the one discovered, attackers would be able to gain deep-rooted persistent access to a device. As we cannot rely solely on the operating system to identify and remediate such an attack after compromise, this calls for more in-depth defenses and security measures such as Microsoft Secured-core.
