Techly NewsGet the app

Get the latest tech news

New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling — PixieFail is a huge deal for cloud and data centers. For the rest, less so.


PixieFail is a huge deal for cloud and data centers. For the rest, less so.

People with even minimal access to such a network—say a paying customer, a low-level employee, or an attacker who has already gained limited entry—can exploit the vulnerabilities to infect connected devices with a malicious UEFI. By installing malicious firmware that runs prior to the loading of a main OS, UEFI infections can’t be detected or removed using standard endpoint protections. The malicious image in this scenario will establish a permanent beachhead on the device that’s installed prior to the loading of the OS and any security software that would normally flag infections.

Get the Android app

Or read this on r/technology

Read more on:

Photo of data

data

Photo of cloud

cloud

Photo of rest

rest

Related news:

News photo

Final Fantasy 7 'shippers' "ruin great story development" with overt sexualisation, says Cloud voice artist

News photo

Google now admits it could collect data in Chrome's Incognito mode

News photo

LG Washing Machine Found Sending 3.7 GB of Data a Day

Ready Robotics uses Nvidia Omniverse for Toyota industrial robotics »