[ad_1]
Researchers know for about security issues over the years with the basic code of the computer known as the firmware. It often happens packed with weakness, it is difficult to update with patches, and it is more and more the target of actual attacks. Now, the very well-intentioned mechanism for easily updating Dell computer firmware is weak due to four basic bugs. And these vulnerabilities could be used to gain full access to the target devices.
The new discoveries Researchers at security company Eclypsium have affected the latest 128 models of Dell computers, including desktops, laptops and tablets. Researchers estimate that vulnerabilities display a total of 30 million devices, and that farms also operate on integrated models. Microsoft’s security-core computer protections, a specially built system to reduce the weakness of the firmware. Dell is releasing bug patches today.
“These vulnerabilities are easy to exploit. It’s basically like traveling back in time, almost like going back to the ’90s,” said Jesse Michael, chief analyst at Eclypsium. , but there are no best practices in new firmware security features. “
Weaknesses appear in the Dell feature called BIOSConnect, which allows users to download firmware updates easily and even automatically. BIOSConnect is part of a broader Dell update and remote operating system management function called SupportAssist. potentially weak problems. They are update mechanisms valuable goals for attackers, because they can be stained to distribute malware.
The four vulnerabilities found by researchers in BIOSConnect do not allow hackers to grow malicious Dell firmware updates on all users at once. They can be used, however, to target the victim’s devices individually and to remotely control the firmware. Repairing the firmware of the device can give the attackers full control of the machine, as the firmware coordinates the hardware and software and acts as a pioneer in the computer operating system and applications.
“An attacker is an attack that allows you to go directly to the BIOS,” says Eclypsium researcher Scott Scheferman, which is the basic firmware used in the boot process. “Before the operating system launches and before it is aware of what is happening, the attack has already taken place. It is a fleeting, strong and desirable set of vulnerabilities for an attacker who wants sustainability. “
An important note is that attackers cannot directly exploit the four BIOSConnect bugs from the open internet. They should be the basis for the internal network of victim devices. But the researchers stressed that ease of exploitation and lack of control or registration at the firmware level would make these vulnerabilities attractive to hackers. Once an attacker has compromised the firmware, they are likely to be undetected for a long time in the networks of a target.
Researchers at Eclypsium explained their weaknesses to Dell on March 3rd. The findings will be presented at the Defcon security conference in Las Vegas in early August.
“Dell fixed multiple vulnerabilities for Dell BIOSConnect and HTTPS Boot features available with some Dell customer platforms,” the company said in a statement. “Features will be updated automatically if customers have them Dell automatic updates are turned on. “If not, the company says customers need to install the patches manually” as soon as possible. “
Researchers at Eclypsium have warned, however, that this may be an update you don’t want to download. BIOSConnect itself is a vulnerable mechanism, so the safest way to get updates is to go to Dell Drivers and downloads website and download and install updates from it. For the average user, however, the best approach is to update your Dell as soon as possible.
[ad_2]
Source link
