mek21 Posted December 7, 2023 Share Posted December 7, 2023 https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/ LogoFAIL Hijacking the execution flow There are several ways to exploit LogoFAIL. Remote attacks work by first exploiting an unpatched vulnerability in a browser, media player, or other app and using the administrative control gained to replace the legitimate logo image processed early in the boot process with an identical-looking one that exploits a parser flaw. The other way is to gain brief access to a vulnerable device while it’s unlocked and replace the legitimate image file with a malicious one. Link to comment https://www.insanelymac.com/forum/topic/358210-uefi-firmware-vulnerabilitiesexploits/ Share on other sites More sharing options...
Recommended Posts