dangoodin,

If you use a Windows or Linux device, it's vulnerable to a new post-exploit attack that can remotely install an undetectable backdoor at the UEFI level. Updates from just about every vendor available today. Impressive work from @matrosov and the rest of Binarly.

https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/

dangoodin,

@matrosov

It's 2023, and not only can malicious images still remotely execute malicious code on your devices, but they can do it at the UEFI level, during bootup, enabling invisible firmware bootkits. This new post-exploit attack, known as LogoFAIL, is mind-blowing. Amazing that an entire ecosystem comprising dozens of wealthy companies couldn't be bothered to fuzz the UEFIs they provide to billions of people. With a small amount of effort, this attack could have been closed off a decade ago.

https://arstechnica.com/security/2023/12/just-about-every-windows-and-linux-device-vulnerable-to-new-logofail-firmware-attack/

dangoodin,

@matrosov

Lots of people asking what the CVEs are and where announcements from various parties can be found. This is a massive, massive (un)coordinated disclosure. Lots of broken or non-existent links at the moment. I'm expecting things will straighten out in an hour or two. Please be patient.

dangoodin,

A CERT coordination center has published an advisory on LogoFail, but unfortunately, it doesn't tell us much. It confirms that AMI, Insyde, Intel and Phoenix are affected and that Microsoft and Toshiba are not. But the remaining 20 companies fall in the "unknown" category. One of the unknowns is Lenovo, which has already confirmed that it is affected.

Also, no CVEs.

¯\_(ツ)_/¯

https://kb.cert.org/vuls/id/811862

lauren,
@lauren@mastodon.laurenweinstein.org

@dangoodin I suspect we can count on most affected existing deployed machines never being patched for this. Firmware patches at that level are widely considered to be so risky that they are widely avoided, even for serious problems.

golemwire,

@dangoodin I know my @system76 uses Insyde firmware... my machine is older but I hope I get a fix 🙏

system76,
@system76@fosstodon.org

@golemwire @dangoodin since you can't change the logo in firmware this wouldn't affect your system or most of the systems anyway.

kapsiR,

@dangoodin @matrosov Lenovo has published CVE-2023-5058, CVE-2023-39538, CVE-2023-39539, CVE-2023-40238

https://support.lenovo.com/at/en/product_security/ps500590-bios-image-parsing-function-vulnerabilities-logofail

fell,
@fell@ma.fellr.net

@dangoodin @matrosov I don't see how this could be exploited remotely. As far as I understand, a malicious image file has to make its way onto the EFI system partition first, or did I miss something?

hanscees,
@hanscees@mas.to

@fell @dangoodin @matrosov hai, this is h.acker, please put this image here on your disk and it will enhance your computer greatly.

carey,
@carey@mastodon.nz

@hanscees @fell @dangoodin @matrosov It doesn't even have to be a complete lie, just "put this image here" and it actually will display a picture of, idk, Harry Styles when you turn your computer on.

fell,
@fell@ma.fellr.net

@carey @hanscees @dangoodin @matrosov Microsoft was wise when they decided they're not going to let Windows users access the ESP.

dangoodin,

@fell @carey @hanscees @matrosov

Wait, what's the basis for saying Windows users can't access the ESP?

https://duckduckgo.com/?t=ffab&q=how+to+access+efi+partition+in+windows

fell,
@fell@ma.fellr.net

@dangoodin @carey @hanscees @matrosov The basis is that I never saw it when I clicked on "This PC". Is it possible?

wndlb,
@wndlb@mas.to

@dangoodin @matrosov A big THANK YOU for the heads up!

moira,
@moira@mastodon.murkworks.net

@dangoodin @matrosov hm

would it be useful to replace the boot image yourself in advance to a locally-known image, so that if it's suddenly displaying manufacturer logo you know something is up?

raven667,
@raven667@hachyderm.io

@moira @dangoodin @matrosov that's honestly not a bad idea, if that is how exploits for this work, if they modify the existing image to inject malware then maybe it won't help, or if they already make user visible changes. I haven't read the article yet though so I can only speculate

One thing to mention is that with BIOS there isn't even a security boundary to be crossed, you are free to modify firmware at any time, so this is still better security than that.

moira,
@moira@mastodon.murkworks.net

@raven667 @dangoodin @matrosov The vector is to replace the image with an apparently-identical image that is malformed to create a payload. This takes a degree of crafting, so given how many slices of the install base there are (since each one has to attack a particular BIOS) I'm pretty sure they're going to use manufacturer-original graphics.

So if you've replaced yours with a graphic screen made of text reading "still good" in some font and suddenly you have the manufacturer bootup image back, you know something has happened.

It wouldn't stop anybody... well, maybe it could, right? If someone does write an attack to modify rather than replace the image, having the wrong image there would almost certainly break that specific attack.

raven667,
@raven667@hachyderm.io

@moira @dangoodin @matrosov I finally had time to read, the article says this can be done so it's not visible. It also mentions just registering the sha256 hash of legit logo files and scanning for those, this could be added to AV pretty easily as well, right, so an unexpected logo file is detected quickly, although I suppose the malware could try and hide itself from scanning.

Once malware gets to a fundamental level of the system, it's hard for subordinate levels to kick it out

moira,
@moira@mastodon.murkworks.net

@raven667 @dangoodin @matrosov Well yeah, it can be done without being visible - by replacing the image with your sabotaged one, which shows the same image but also has the payload. Or that's how I read it.

The point is to have a non-standard image in there first so that if it swaps in what looks like the standard image, you know something has happened. You don't know what, and it doesn't stop it - it's just an alarm of sorts.
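The two ideas raised above, hashing the logo files on the ESP against a known-good list and planting a canary image you installed yourself, as an added Python example that is not part of the thread and is not Binarly's or any vendor's tooling. It assumes the firmware reads its logo as a BMP from a mounted ESP (the `EFI/OEM` directory and the file names are hypothetical, and the sample files are constructed in a temporary directory), and its BMP header checks are generic size-consistency checks, not LogoFAIL's specific parser bugs:

```python
"""Scan a directory standing in for a mounted EFI System Partition (ESP) for
boot-logo images, flagging files whose SHA-256 is not on an allowlist and BMP
files whose header fields disagree with the file's real size.  Added example:
not Binarly's LogoFAIL tooling and not code from anyone in the thread.  The
ESP layout and logo file names are hypothetical."""
import hashlib
import os
import struct
import tempfile

IMAGE_EXTS = {".bmp", ".png", ".gif", ".jpg", ".jpeg"}
MAX_DIM = 8192  # assumption: no plausible firmware logo exceeds this in either axis


def make_bmp(width, height, rgb=(0, 0, 0)):
    """Build a minimal valid 24-bpp bottom-up BMP; used only to construct sample input."""
    row = bytes(rgb[::-1]) * width             # BMP stores pixels as BGR
    row += b"\x00" * ((4 - len(row) % 4) % 4)  # scanlines are padded to 4 bytes
    pixels = row * height
    pixel_offset = 14 + 40                     # BITMAPFILEHEADER + BITMAPINFOHEADER
    file_hdr = b"BM" + struct.pack("<IHHI", pixel_offset + len(pixels), 0, 0, pixel_offset)
    dib_hdr = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0,
                          len(pixels), 2835, 2835, 0, 0)
    return file_hdr + dib_hdr + pixels


def bmp_header_issues(data):
    """Generic consistency checks: every header field a naive parser would trust is
    compared against the actual file size.  These are the kinds of mismatch a fuzzer
    surfaces, not the specific LogoFAIL defects."""
    issues = []
    if len(data) < 54:
        return ["file shorter than BITMAPFILEHEADER + BITMAPINFOHEADER (54 bytes)"]
    if data[:2] != b"BM":
        return ["missing 'BM' signature"]
    declared_size, _, _, pixel_offset = struct.unpack_from("<IHHI", data, 2)
    dib_size, width, height, planes, bpp = struct.unpack_from("<IiiHH", data, 14)
    if declared_size != len(data):
        issues.append(f"header claims {declared_size} bytes, file is {len(data)}")
    if pixel_offset >= len(data):
        issues.append(f"pixel data offset {pixel_offset} lies outside the file")
    if dib_size < 40:
        issues.append(f"DIB header size {dib_size} smaller than BITMAPINFOHEADER")
    if planes != 1:
        issues.append(f"planes={planes}, expected 1")
    if bpp not in (1, 4, 8, 16, 24, 32):
        issues.append(f"unsupported bits-per-pixel {bpp}")
        return issues
    if not (0 < width <= MAX_DIM and 0 < abs(height) <= MAX_DIM):
        issues.append(f"implausible dimensions {width}x{height}")
        return issues
    row_bytes = ((width * bpp + 31) // 32) * 4  # DWORD-aligned scanline length
    needed = pixel_offset + row_bytes * abs(height)
    if needed > len(data):
        issues.append(f"pixel data needs {needed} bytes, file has {len(data)}")
    return issues


def scan_logos(esp_root, known_hashes):
    """Walk the ESP, hash every image file, and report unknown or malformed ones."""
    findings = []
    for dirpath, _, names in os.walk(esp_root):
        for name in sorted(names):
            if os.path.splitext(name)[1].lower() not in IMAGE_EXTS:
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            digest = hashlib.sha256(data).hexdigest()
            issues = bmp_header_issues(data) if name.lower().endswith(".bmp") else []
            findings.append({"path": path, "sha256": digest,
                             "known": digest in known_hashes, "issues": issues})
    return findings


def demo():
    """Constructed sample ESP: the canary logo you installed yourself (allowlisted),
    an unknown non-BMP image, and two copies of the canary with tampered headers."""
    canary = make_bmp(4, 4, rgb=(0, 255, 0))
    allowlist = {hashlib.sha256(canary).hexdigest()}
    huge_width = canary[:18] + struct.pack("<i", 1 << 30) + canary[22:]     # width field
    bad_offset = canary[:10] + struct.pack("<I", 0xFFFFFFF0) + canary[14:]  # pixel offset
    stray_png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed, not a real PNG
    with tempfile.TemporaryDirectory() as esp:
        logo_dir = os.path.join(esp, "EFI", "OEM")  # hypothetical vendor path
        os.makedirs(logo_dir)
        for name, blob in (("canary.bmp", canary), ("huge_width.bmp", huge_width),
                           ("bad_offset.bmp", bad_offset), ("stray.png", stray_png)):
            with open(os.path.join(logo_dir, name), "wb") as fh:
                fh.write(blob)
        return {os.path.basename(f["path"]): f for f in scan_logos(esp, allowlist)}


if __name__ == "__main__":
    for name, f in demo().items():
        flag = "ok" if f["known"] and not f["issues"] else "SUSPECT"
        print(f"{flag:7} {name:16} {f['sha256'][:16]}...  {'; '.join(f['issues'])}")
```

Against a real machine, call `scan_logos` with the ESP mount point (commonly `/boot/efi` on Linux) and a set of hashes recorded right after you installed your own logo; a file the scan reports as unknown or inconsistent is the "alarm" the thread describes, not proof of compromise, and, as noted above, an implant that already runs at firmware level can hide from a scan run by the OS.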
