Firmware flaws could allow a malicious reflash, US CERT warns

U.S. CERT warned of three issues that could affect critical firmware

Three vendors have released fixes for vulnerabilities found in the critical firmware used during a computer's startup, according to an advisory from the U.S. Computer Emergency Readiness Team.

The vulnerabilities could allow an attacker to bypass a feature called Secure Boot, which verifies that firmware components carry a correct digital signature ensuring the software's authenticity. The attacker could then replace the device's firmware.

The flaws lie within some UEFI (unified extensible firmware interface) systems, the advisory said. UEFI is a firmware interface that was designed to improve upon BIOS.

A boot script within the UEFI S3 Resume path "resides in unprotected memory which can be tampered with by an attacker with access to physical memory," the advisory said.

An authenticated local attacker could bypass Secure Boot and reflash, or replace, the firmware even if signed firmware updates are supposed to be used. An attack could also cause a system to be inoperable.

Several vendors have taken action. American Megatrends Incorporated (AMI), which makes BIOS and UEFI firmware, has "addressed the issue on a generic basis and is working with OEMs to implement fixes for projects in the field and production."

Intel and Phoenix Technologies, which also makes UEFI software, have issued fixes, the advisory said.

The advisory was one of three issued by U.S. CERT on Monday. The agency also warned of a "race condition" vulnerability in some Intel chipsets that could allow the bypass of a BIOS locking mechanism, allowing malicious code to be inserted into firmware.

American Megatrends and Phoenix Technologies have issued updates to address the issue, but it's unknown if other major vendors may be affected, according to the advisory.

U.S. CERT also warned in a third advisory of a buffer overflow in the open-source EDK1 project's UEFI reference implementation. One affected vendor that uses the firmware, Insyde Software, has fixed the issue.

American Megatrends, Apple, IBM, Intel and Phoenix Technologies are not affected by that flaw. However, it's not known whether other large vendors may be vulnerable.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags AppleIBMsecurityU.S. Computer Emergency Readiness TeamInsyde SoftwareExploits / vulnerabilitiesAmerican MegatrendsintelPhoenix Technologies

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?