Vulnerability found in UEFI on Lenovo and HP laptops

Independent researcher Dmitry Oleksiuk (Dmytro Oleksiuk) has disclosed an unpatched 0-day vulnerability in UEFI, called ThinkPwn. In particular, the issue is found on devices from Lenovo and HP, and should also be present on devices from other manufacturers.

According to Oleksiuk, the problem lies in System Management Mode (SMM) code that can be found in the UEFI firmware of Lenovo and other manufacturers. The bug can be used for various malicious activities, for example to disable the protective functions of Secure Boot, to disable write protection, and to bypass Windows 10 Enterprise security mechanisms such as Device Guard and Credential Guard.

To exploit the vulnerability, an attacker only needs to copy the exploit onto a flash drive and run it under UEFI. The researcher has published the ThinkPwn exploit on GitHub. According to him, the method should in theory also work directly from the operating system, but the exploit would have to be reworked for that.

Lenovo representatives report that they are investigating the incident. There is no patch yet, as Oleksiuk published details of the problem before Lenovo's developers managed to do anything. The manufacturer claims that the researcher refused to get in contact, while Oleksiuk says that Lenovo offered its assistance.

According to Lenovo's official report, the problematic code came from a third party: it was supplied by one of three independent BIOS vendors (IBVs). These companies process code from the chip manufacturers (AMD and Intel), optimizing it for a specific company and device.

Lenovo claims that the independent BIOS developers got the problematic code from Intel, and Oleksiuk agrees with this conclusion. But the researcher says that Intel fixed the issue in mid-2014, although it is not clear whether the manufacturer was aware of the vulnerability or the gap was eliminated by accident.

Since Oleksiuk explained in detail on GitHub how to find the problematic code, one of his Twitter followers reported that he managed to detect the vulnerability on his HP Pavilion laptop. This confirms the researcher's theory that the vulnerability can be found in products from other manufacturers and threatens not only owners of Lenovo laptops. Also, in his blog, the researcher suggested that the problem may be not a random bug but a real backdoor.

