Menu
What's new
By:
Filters Better Search

News Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

We can't have nice things to last forever.

But we do have nice things. :)

I'm just glad that researchers found these vulnerabilities. Hardened UEFIs are coming soon.
 
I use to build PCs using motherboards I would buy. But BIOS support was very lacking so I quit. I now buy Dell PCs new and used as Dell is good about Bios and firmware updates. They support their products for a long time.
I randomly update my BIOS from time to time just in case. I think I will do today. I overwrite my BIOS with one off Dell's support page new or not.

PS
I just did it. Dell already had an updated BIOS. I will update all my Dells now.
Screenshot 2023-12-07 132303.png
 
Last edited:
pre-builts and motherboards from the mainline manufactures should be able to release updates fairly quick...

challenge will be for those folks that bought those cheap QOTOM boxes to run pfSense and similar...
 
sfx2000 said:
pre-builts and motherboards from the mainline manufactures should be able to release updates fairly quick...

challenge will be for those folks that bought those cheap QOTOM boxes to run pfSense and similar...
Click to expand...
It is one of the reasons I bought a low wattage used Dell PC for my Pfsense so I had BIOS and hardware support.
 
sfx2000 said:
challenge will be for those folks that bought those cheap QOTOM boxes to run pfSense and similar...
Click to expand...
There`s a good chance that those don`t support customizable boot logos however.
 
RMerlin said:
There`s a good chance that those don`t support customizable boot logos however.
Click to expand...

Depends on the UEFI firmware vendor - the hooks are still there, even if the OEM's firmware doesn't have the boot image...
 
Before EFI, didn't you have to update the BIOS via the BIOS? Now you can do it from the OS, which gives a crucial attack vector.

Companies add security tech, but then that tech has security issues. It seems like just more complexity to use and more to fix. I'm sure it is all worth it for some scenario ...
 
I thought you flashed BIOS using DOS back in the old days. Even when I ran OS2 I used DOS to flash BIOS.
 
Last edited:
It helps to know that UEFI is basically an OS unto itself... and it runs underneath the upper layer OS (Win/Linux/BSD/Intel Macs) - and it's always there...

That's why things like this particular issue, as well as others, are fairly painful...
 
This kind of attack is nothing new. You guys have never heard about MoonBounce for sure. Don't trust anything. There is always a backdoor whatever you do. Some people trust Firewall and Antivirus too much. Don't forget your Firewall and Antivirus don't work for these attacks, because the attackers know everything about the target. There is funny thing that some Snbforums users always say it doesn't exist.🤣
 
Last edited:
coxhaus said:
I use to build PCs using motherboards I would buy. But BIOS support was very lacking so I quit. I now buy Dell PCs new and used as Dell is good about Bios and firmware updates. They support their products for a long time.
I randomly update my BIOS from time to time just in case. I think I will do today. I overwrite my BIOS with one off Dell's support page new or not.

PS
I just did it. Dell already had an updated BIOS. I will update all my Dells now.
View attachment 54713
Click to expand...
However, bad things are always happened before update release. The attacker knows about it very well. After update? There are variants. Rinse and repeat.
 
Yes, possibly. See above.
 
FWIW - Apple Intel Macs use UEFI, but they're secure from this... old school PPC uses OpenFirmware and AppleSilicaon uses iboot...

There are also many Dell's that are also immune...

At the end of the day - check with your hardware provider - there are quite a few that have already offered up patches...
 
You must log in or register to reply here.

Similar threads

prom3theu5
Dropping Ethernet connection to external switch every night
Replies
4
Views
954
prom3theu5
prom3theu5
doge
Asus ROG Rapture GT-AXE16000 - bricked - how to reset / install new firmware
Replies
3
Views
2K
doge
doge
GraniteStateColin
DNSmasq to provide DHCP IP # and DNS name for systems on LAN
Replies
19
Views
2K
Patrick9876
P
D
Diving into ac5300 firmware - aka CFE's reverse engineering and firmware hacking
Replies
8
Views
1K
Tech9
Tech9
koonthul
Home Network Plan - Where and What
2
Replies
20
Views
1K
degrub
D
Similar threads
Thread starter Title Forum Replies Date
D News Universal local privilege escalation linux cve-2024-1086 General Network Security 0
L&LD Using Linux (GNOME desktops) and Optical Drives? Watch out. General Network Security 0
L&LD It's Linux's turn. General Network Security 1
C AVrecon malware infects 70,000 Linux routers to build botnet General Network Security 5

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 884 (members: 20, guests: 864)
Top