Lenovo? inform immediately

More than 25 mobile models of Lenovo are vulnerable to malicious attacks that disable the UEFI secure boot process and then run unsigned UEFI or load bootloaders for permanent backdoors on devices.

Lenovo

Την ίδια στιγμή που ερευνητές από την εταιρεία ασφαλείας ESET αποκάλυψαν τα τρωτά σημεία, ο κατασκευαστής φορητών υπολογιστών κυκλοφόρησε ενημερώσεις ασφαλείας για 25 μοντέλα, όπως τα ThinkPads, Yoga Slims και IdeaPads. Τα κενά ασφαλείας που υπονομεύουν την ασφαλή εκκίνηση του UEFI είναι σοβαρά επειδή επιτρέπουν στους εισβολείς να εγκαταστήσουν firmware that survives operating system formats.

The Unified Extensible Firmware Interface, or UEFI is the software that bridges the firmware of a with its operating system. As the first track which runs when a computer starts, is the first link in the security chain. Because UEFI resides on a flash chip on the motherboard, infections are very difficult to detect and remove.

Standard measures such as a hard disk format and reinstallation of the operating system do not help, because the infected UEFI will re-infect the computer when it starts.

ESET said that vulnerabilities CVE-2022-3430, CVE-2022-3431 and CVE-2022-3432 allow disabling UEFI Secure Boot or resetting the Secure Boot database (and dbx) to factory default settings. . Secure Boot uses databases to allow and deny mechanisms. The DBX database, in particular, stores encrypted hashes of denied keys.

Disabling or resetting databases to default values ​​allows an attacker to override restrictions that would normally apply.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
Lenovo

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).