
Buffer overflow vulnerability with the unified extensible firmware interface


January 7, 2015


Two security researchers have discovered a new buffer overflow vulnerability in the unified extensible firmware interface (UEFI) implementation of the EDK-1 project, which is used in today's firmware development.

Internet security researcher Rafal Wojtczuk and MITRE Corp's Corey Kallenberg said the security issue in the FSVariable.c source file was directly linked to another variable used to reclaim empty space on SPI flash chips.

Exploitation could be severe if the vulnerable code is instantiated early in the boot process, when the platform is less secure and the SPI flash holding the firmware is still accessible.

An attacker exploiting the flaw early in boot could gain a persistent foothold in systems, Kallenberg said.

"We have discovered a buffer overflow associated with this reclaim operation in FSVariable.c," Kallenberg said in a CERT security advisory.

"In an ideal attacker scenario, the vulnerable code can be instantiated before the SPI flash is locked down, resulting in an arbitrary reflash of the platform firmware.

"Another possibility is for the attacker to leverage this security vulnerability to get into SMM (if SMM is not sufficiently locked down yet) or to defeat Secure Boot and launch an authorized boot loader, or to simply achieve a runtime SMM break-in," he added.

The potential damage varied considerably between OEM firmware implementations and their configurations.

Insyde Software Corp has issued a security patch for its affected firmware, while other unnamed OEMs are still working on fixes.

Source: Insyde Software Corp.
