UEFIs booting Windows and Linux devices can be hacked by malicious logo images.

Dan Goodin - 12/6/2023, 3:02 PM

  • Grunt4019@lemm.ee
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    There is a remote vector as well beyond just physical access.

    There are several ways to exploit LogoFAIL. Remote attacks work by first exploiting an unpatched vulnerability in a browser, media player, or other app and using the administrative control gained to replace the legitimate logo image processed early in the boot process with an identical-looking one that exploits a parser flaw. The other way is to gain brief access to a vulnerable device while it’s unlocked and replace the legitimate image file with a malicious one.