What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

News Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

We can't have nice things to last forever.

But we do have nice things. :)

I'm just glad that researchers found these vulnerabilities. Hardened UEFIs are coming soon.
 
I use to build PCs using motherboards I would buy. But BIOS support was very lacking so I quit. I now buy Dell PCs new and used as Dell is good about Bios and firmware updates. They support their products for a long time.
I randomly update my BIOS from time to time just in case. I think I will do today. I overwrite my BIOS with one off Dell's support page new or not.

PS
I just did it. Dell already had an updated BIOS. I will update all my Dells now.
Screenshot 2023-12-07 132303.png
 
Last edited:
pre-builts and motherboards from the mainline manufactures should be able to release updates fairly quick...

challenge will be for those folks that bought those cheap QOTOM boxes to run pfSense and similar...
 
sfx2000 said:
pre-builts and motherboards from the mainline manufactures should be able to release updates fairly quick...

challenge will be for those folks that bought those cheap QOTOM boxes to run pfSense and similar...
Click to expand...
It is one of the reasons I bought a low wattage used Dell PC for my Pfsense so I had BIOS and hardware support.
 
sfx2000 said:
challenge will be for those folks that bought those cheap QOTOM boxes to run pfSense and similar...
Click to expand...
There`s a good chance that those don`t support customizable boot logos however.
 
RMerlin said:
There`s a good chance that those don`t support customizable boot logos however.
Click to expand...

Depends on the UEFI firmware vendor - the hooks are still there, even if the OEM's firmware doesn't have the boot image...
 
Before EFI, didn't you have to update the BIOS via the BIOS? Now you can do it from the OS, which gives a crucial attack vector.

Companies add security tech, but then that tech has security issues. It seems like just more complexity to use and more to fix. I'm sure it is all worth it for some scenario ...
 
I thought you flashed BIOS using DOS back in the old days. Even when I ran OS2 I used DOS to flash BIOS.
 
Last edited:
It helps to know that UEFI is basically an OS unto itself... and it runs underneath the upper layer OS (Win/Linux/BSD/Intel Macs) - and it's always there...

That's why things like this particular issue, as well as others, are fairly painful...
 
This kind of attack is nothing new. You guys have never heard about MoonBounce for sure. Don't trust anything. There is always a backdoor whatever you do. Some people trust Firewall and Antivirus too much. Don't forget your Firewall and Antivirus don't work for these attacks, because the attackers know everything about the target. There is funny thing that some Snbforums users always say it doesn't exist.🤣
 
Last edited:
coxhaus said:
I use to build PCs using motherboards I would buy. But BIOS support was very lacking so I quit. I now buy Dell PCs new and used as Dell is good about Bios and firmware updates. They support their products for a long time.
I randomly update my BIOS from time to time just in case. I think I will do today. I overwrite my BIOS with one off Dell's support page new or not.

PS
I just did it. Dell already had an updated BIOS. I will update all my Dells now.
View attachment 54713
Click to expand...
However, bad things are always happened before update release. The attacker knows about it very well. After update? There are variants. Rinse and repeat.
 
Yes, possibly. See above.
 
FWIW - Apple Intel Macs use UEFI, but they're secure from this... old school PPC uses OpenFirmware and AppleSilicaon uses iboot...

There are also many Dell's that are also immune...

At the end of the day - check with your hardware provider - there are quite a few that have already offered up patches...
 
You must log in or register to reply here.

Similar threads

D
News Windows build 2024 and Ai Recall - Security Risk
Replies
2
Views
766
Deleted member 77025
D
N
RT-AX86U-Pro, WAN disconnect every 36 hours
2
Replies
25
Views
2K
Nick24
N
Tyrfing
Asus RT-AX88U Stuck on Merlin Firmware 388.1
Replies
9
Views
1K
Tyrfing
Tyrfing
prom3theu5
Dropping Ethernet connection to external switch every night
Replies
4
Views
1K
prom3theu5
prom3theu5
citizengris
Asus BT10 - still not stable at all even after latest firmware - been tinkering for months - high frustration
3 4 5
Replies
81
Views
3K
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
S Is there good VPN tunnel plain DNS filtering software for Windows? General Network Security 2
D News Windows Wi-Fi Driver Remote Code Execution Vulnerability CVE-2024-30078 General Network Security 2
D News Windows build 2024 and Ai Recall - Security Risk General Network Security 2
bbunge Microsoft plans to lock down Windows DNS - ZTDNS General Network Security 5
D News CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability General Network Security 6
D Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root General Network Security 1
D News 'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems General Network Security 1
D News Universal local privilege escalation linux cve-2024-1086 General Network Security 0

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 525 (members: 22, guests: 503)
Back
Top