BACKGROUND:
Security researchers have found a flaw in Microsoft’s implementation of the Windows Platform Binary Table (WPBT) mechanism, which can be exploited to compromise computers running the Windows 8 and Windows 10 operating systems.
Microsoft describes WPBT as a fixed firmware Advanced Configuration and Power Interface (ACPI) table that was introduced with Windows 8 to enable OEMs and vendors to execute programs every time the Windows device boots up.
“The Eclypsium research team has identified a weakness in Microsoft’s WPBT capability that can allow an attacker to run malicious code with kernel privileges when a device boots up,” note the researchers.
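As an added example (not from the article, Eclypsium or Microsoft), a defender can inventory whether a machine's firmware publishes a WPBT table and what it hands to Windows by parsing the raw ACPI table. The field layout after the standard ACPI header follows Microsoft's published WPBT format rather than anything stated on this page; the Linux sysfs path is an assumption about where the table is read from, and the sample table is constructed.

```python
import os
import struct

ACPI_HDR = struct.Struct("<4sIBB6s8sI4sI")  # standard 36-byte ACPI table header
WPBT_BODY = struct.Struct("<IQBBH")         # handoff size/address, layout, type, args length

def parse_wpbt(blob: bytes) -> dict:
    """Validate a raw ACPI table and return the WPBT fields worth reviewing."""
    if len(blob) < ACPI_HDR.size + WPBT_BODY.size:
        raise ValueError("too short to be a WPBT table")
    sig, length, _rev, _sum, oem_id, oem_table, *_ = ACPI_HDR.unpack_from(blob)
    if sig != b"WPBT":
        raise ValueError(f"unexpected signature {sig!r}")
    if length != len(blob):
        raise ValueError("header length does not match table size")
    if sum(blob) & 0xFF:  # ACPI rule: all table bytes sum to 0 mod 256
        raise ValueError("bad ACPI checksum")
    size, addr, layout, ctype, arg_len = WPBT_BODY.unpack_from(blob, ACPI_HDR.size)
    args_off = ACPI_HDR.size + WPBT_BODY.size
    if args_off + arg_len > length:
        raise ValueError("arguments run past the end of the table")
    return {
        "oem_id": oem_id.decode("ascii", "replace").strip(),
        "oem_table_id": oem_table.decode("ascii", "replace").strip(),
        "handoff_size": size,        # bytes of the binary firmware left in RAM
        "handoff_addr": addr,        # physical address of that binary
        "content_layout": layout,    # 1 = single PE image
        "content_type": ctype,       # 1 = native user-mode application
        "arguments": blob[args_off:args_off + arg_len],
    }

def build_sample() -> bytes:
    """Constructed table for the demo; values are not from a real machine."""
    args = "demo".encode("utf-16-le")
    body = WPBT_BODY.pack(0x4000, 0x7F000000, 1, 1, len(args)) + args
    hdr = ACPI_HDR.pack(b"WPBT", ACPI_HDR.size + len(body), 1, 0,
                        b"OEMID ", b"OEMTABLE", 1, b"TEST", 1)
    raw = bytearray(hdr + body)
    raw[9] = -sum(raw) & 0xFF  # checksum byte lives at header offset 9
    return bytes(raw)

if __name__ == "__main__":
    path = "/sys/firmware/acpi/tables/WPBT"  # Linux location; reading needs root
    if os.access(path, os.R_OK):
        with open(path, "rb") as f:
            print(parse_wpbt(f.read()))
    else:
        print("no readable WPBT table here; sample:", parse_wpbt(build_sample()))
```

A table that parses cleanly only shows that the firmware publishes a boot-time binary; whether that binary is expected for the device model still has to be checked against the vendor's inventory.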
Experts Comments
This vulnerability highlights the importance of a layered security approach. In both the physical supply chain and the different layers of physical hardware and virtual operating systems, there is a multitude of attack vectors threat actors may exploit to thwart security. With a firmware attack such as the one discovered, attackers would be able to gain deep-rooted persistent access to a device. As we cannot rely solely on the operating system to identify and remediate such an attack after compromise, this calls for more in-depth defenses and security measures such as Microsoft Secured-core.
Hugo Van den Toorn, Manager, Offensive Security, provides expert commentary at Information Security Buzz.