LogoFAIL - an attack on UEFI firmware through the substitution of malicious logos

Researchers from Binarly have identified vulnerabilities in the image parsing code used in UEFI firmware from various vendors. The vulnerabilities allow code execution during boot by placing a specially crafted image in the ESP (EFI System Partition) or in a part of a firmware update that is not digitally signed. The proposed attack method can be used to bypass the UEFI Secure Boot verified boot mechanism and hardware protection mechanisms such as Intel Boot Guard, AMD Hardware-Validated Boot and ARM TrustZone Secure Boot.

The problem is caused by the fact that the firmware allows user-specified logos to be displayed and uses image parsing libraries for this, which run at the firmware level without dropping privileges. It is noted that modern firmware includes code for parsing the BMP, GIF, JPEG, PCX and TGA formats, and that this code contains vulnerabilities leading to buffer overflows when parsing malformed data.
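To make the class of defect concrete from the defender's side, here is an added example (not Binarly's code, not any vendor's firmware code, and not a reproduction of the specific flaws) of the length checks a logo parser needs before touching pixel data, shown for uncompressed 24-bit BMP only. The names `bmp_logo_validate`, `check_sample` and the `LOGO_MAX_DIM` limit are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define LOGO_MAX_DIM 4096u  /* assumed policy limit, not taken from any firmware */
#define BMP_HDR_LEN  54u    /* 14-byte file header + 40-byte BITMAPINFOHEADER */

static uint32_t rd32(const uint8_t *p) {   /* little-endian 32-bit read */
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) { /* little-endian 32-bit write */
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Returns 0 and stores the pixel-array size when buf holds an uncompressed
 * 24-bit bottom-up BMP whose pixel data lies entirely inside buf; -1 otherwise.
 * Every length is checked before any allocation or copy would happen. */
int bmp_logo_validate(const uint8_t *buf, size_t len, size_t *pixels_len) {
    if (buf == NULL || pixels_len == NULL || len < BMP_HDR_LEN) return -1;
    if (buf[0] != 'B' || buf[1] != 'M') return -1;
    uint32_t data_off = rd32(buf + 10), hdr_size = rd32(buf + 14);
    uint32_t width = rd32(buf + 18), height = rd32(buf + 22);
    uint32_t planes_bpp = rd32(buf + 26), compression = rd32(buf + 30);
    /* planes == 1 and bits-per-pixel == 24, read as one 32-bit field */
    if (hdr_size != 40 || planes_bpp != ((24u << 16) | 1u) || compression != 0) return -1;
    /* Negative (top-down) heights appear as huge unsigned values and are rejected too. */
    if (width == 0 || height == 0 || width > LOGO_MAX_DIM || height > LOGO_MAX_DIM) return -1;
    /* With both dimensions capped, the 64-bit products below cannot wrap. */
    uint64_t stride = ((uint64_t)width * 3u + 3u) & ~(uint64_t)3u;  /* rows pad to 4 bytes */
    uint64_t pixels = stride * height;
    if (data_off < BMP_HDR_LEN || data_off > len) return -1;
    if (pixels > (uint64_t)(len - data_off)) return -1;  /* subtraction form avoids overflow */
    *pixels_len = (size_t)pixels;
    return 0;
}

/* Constructed sample: builds a header claiming w x h pixels inside a file of
 * file_len bytes and returns the validator's verdict. */
int check_sample(uint32_t w, uint32_t h, size_t file_len) {
    static uint8_t file[256];
    size_t pixels_len = 0;
    if (file_len > sizeof file) return -2;
    memset(file, 0, sizeof file);
    file[0] = 'B'; file[1] = 'M';
    wr32(file + 2, (uint32_t)file_len); wr32(file + 10, BMP_HDR_LEN); wr32(file + 14, 40);
    wr32(file + 18, w); wr32(file + 22, h); wr32(file + 26, (24u << 16) | 1u);
    return bmp_logo_validate(file, file_len, &pixels_len);
}
```

The same pattern (cap the declared dimensions, compute sizes in a wider type, compare against the remaining buffer with a subtraction) applies to each of the other formats the firmware parses.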

Vulnerabilities have been identified in firmware supplied by various hardware vendors (Intel, Acer, Lenovo) and firmware manufacturers (AMI, Insyde, Phoenix). Because the problematic code is present in the reference components provided by independent firmware vendors and used as the basis on which various hardware manufacturers build their firmware, the vulnerabilities are not vendor-specific and affect the entire ecosystem.

Details of the identified vulnerabilities are promised to be disclosed on December 6 at the Black Hat Europe 2023 conference. The conference presentation will also demonstrate an exploit that allows code to be executed with firmware privileges on systems with the x86 and ARM architectures. Initially, the vulnerabilities were identified during analysis of Lenovo firmware built on platforms from Insyde, AMI and Phoenix, but firmware from Intel and Acer was also mentioned as potentially vulnerable.

Source: opennet.ru
