viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
A well-meaning feature leaves millions of Dell PCs vulnerable
Technology

A well-meaning feature leaves millions of Dell PCs vulnerable

26/06/2021

Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed.
Enlarge / Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed.

Artur Widak | Getty Images

Researchers have known for years about security issues with the foundational computer code known as firmware. It’s often riddled with vulnerabilities, it’s difficult to update with patches, and it’s increasingly the target of real-world attacks. Now a well-intentioned mechanism to easily update the firmware of Dell computers is itself vulnerable as the result of four rudimentary bugs. And these vulnerabilities could be exploited to gain full access to target devices.

The new findings from researchers at the security firm Eclypsium affect 128 recent models of Dell computers, including desktops, laptops, and tablets. The researchers estimate that the vulnerabilities expose 30 million devices in total, and the exploits even work in models that incorporate Microsoft’s Secured-core PC protections—a system specifically built to reduce firmware vulnerability. Dell is releasing patches for the flaws today.

“These vulnerabilities are on easy mode to exploit. It’s essentially like traveling back in time—it’s almost like the ’90s again,” says Jesse Michael, principal analyst at Eclypsium. “The industry has achieved all this maturity of security features in application and operating system-level code, but they’re not following best practices in new firmware security features.”

The vulnerabilities show up in a Dell feature called BIOSConnect, which allows users to easily, and even automatically, download firmware updates. BIOSConnect is part of a broader Dell update and remote operating system management feature called SupportAssist, which has had its own share of potentially problematic vulnerabilities. Update mechanisms are valuable targets for attackers, because they can be tainted to distribute malware.

The four vulnerabilities the researchers discovered in BIOSConnect wouldn’t allow hackers to seed malicious Dell firmware updates to all users at once. They could be exploited, though, to individually target victim devices and easily gain remote control of the firmware. Compromising a device’s firmware can give attackers full control of the machine, because firmware coordinates hardware and software, and runs as a precursor to the computer’s operating system and applications.

Advertisement

“This is an attack that lets an attacker go directly to the BIOS,” the fundamental firmware used in the boot process, says Eclypsium researcher Scott Scheferman. “Before the operating system even boots and is aware of what’s going on, the attack has already happened. It’s an evasive, powerful, and desirable set of vulnerabilities for an attacker that wants persistence.”

One important caveat is that attackers couldn’t directly exploit the four BIOSConnect bugs from the open internet. They need to have a foothold into the internal network of victim devices. But the researchers emphasize that the ease of exploitation and lack of monitoring or logging at the firmware level would make these vulnerabilities attractive to hackers. Once an attacker has compromised firmware, they can likely remain undetected long-term inside a target’s networks.

The Eclypsium researchers disclosed the vulnerabilities to Dell on March 3. They will present the findings at the Defcon security conference in Las Vegas at the beginning of August.

“Dell remediated multiple vulnerabilities for Dell BIOSConnect and HTTPS Boot features available with some Dell Client platforms,” the company said in a statement. “The features will be automatically updated if customers have Dell auto-updates turned on.” If not, the company says customers should manually install the patches “at their earliest convenience.”

The Eclypsium researchers caution, though, that this is one update you may not want to download automatically. Since BIOSConnect itself is the vulnerable mechanism, the safest way to get the updates is to navigate to Dell’s Drivers and Downloads website and manually download and install the updates from there. For the average user, though, the best approach is to simply update your Dell however you can, as quickly as possible.

“We’re seeing these bugs that are relatively simple like logic flaws show up in the new space of firmware security,” Eclypsium’s Michael says. “You’re trusting that this house has been built in a secure way, but it’s actually sitting on a sandy foundation.”

After running through a number of nightmare attack scenarios from firmware insecurity, Michael takes a breath. “Sorry,” he says. “I can rant about this a lot.”

This story originally appeared on wired.com.

Source link

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

$5.9 million ransomware attack on farming co-op may cause food shortage
Iowa-based provider of agriculture services NEW Cooperative Inc. has been …

$5.9 million ransomware attack on farming co-op may cause food shortage

Trump’s is one of 15,000 Gab accounts that just got hacked
Beleaguered social networking site Gab was breached on Monday, marking …

Gab, a haven for pro-Trump conspiracy theories, has been hacked again

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • Zynga’s Q4 bookings grow 62% to $433 million thanks to recent acquisitions
    Zynga’s Q4 bookings grow 62% to $433 …
    06/02/2020
  • Should you pay $50K for your pitch deck? Yes, why the hell not? – TechCrunch
    Should you pay $50K for your pitch …
    21/12/2019
  • PSA: Apple isn’t actually patching all the security holes in older versions of macOS
    PSA: Apple isn’t actually patching all the …
    12/11/2021
  • Netflix fights password-sharing with test of $3 “Extra Member” fee
    Netflix fights password-sharing with test of $3 …
    17/03/2022
  • Cesium makes construction smarter with drones, 3D visualization, and Komatsu deal
    Cesium makes construction smarter with drones, 3D …
    11/03/2020

Popular Posts

  • 10 Real Historical Events That Inspired ‘Game …
    22/05/2022 0
  • Top 10 Most Singular Encounters with Unidentified …
    24/04/2022 0
  • 10 Creepy Apocalyptical Predictions – Listverse
    25/04/2022 0
  • 10 Meetings That Shaped History – Listverse
    25/04/2022 0
  • The first “Meta Store” is opening in California in May
    The first “Meta Store” is opening in …
    25/04/2022 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2022 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh