Wednesday, August 14, 2019

More than 40 vulnerable drivers make Windows PCs stubborn
Endowed with significant access privileges, device drivers are unfortunately not always of high quality. They are therefore a serious Achilles heel for Windows systems.
To interact with the hardware components it has access to, the Windows operating system relies on an army of small, very practical programs: device drivers. Unfortunately, these programs can also introduce serious security vulnerabilities, as security researchers at Eclypsium have just shown at the recent DEF CON conference in Las Vegas.

The experts took an interest in this topic following recent attacks such as LoJax or Slingshot APT, in which attackers cleverly relied on drivers. This is not very surprising, because a driver often has interesting access privileges. By nature, drivers have access to particularly well-protected memory areas of the operating system, such as those of the kernel. Some even allow firmware to be accessed and modified, including that of the BIOS. That is a godsend for an attacker who seeks to elevate his access privileges on a system he has just entered and who wishes to install a persistent back door.

Vendors recognized and certified by Microsoft

Unfortunately, there are many drivers with security vulnerabilities that can be misused for malicious purposes. In the space of two weeks, researchers from Eclypsium found more than forty. And they are still finding more; one only has to bend down to pick them up. Yet all these drivers come from vendors recognized and certified by Microsoft. Among them are big names such as Intel, Gigabyte, SuperMicro, Nvidia, Phoenix, Huawei, Toshiba, Asustek, MSI, Realtek, etc.

Guarding against this potential danger is not simple, because "there is no universal mechanism to avoid the loading of these vulnerable drivers on a Windows machine", the researchers point out in a blog post. Professional versions of Windows make it possible, in some cases, to protect users through group policies. But doing so is inevitably laborious.

Patches are available

The ball is in the court of Microsoft and its partners. It is up to them to quickly fix the flaws found and, above all, to improve the quality of their drivers in the future. Intel and Huawei have already released patches for the flagged drivers. At Phoenix and Insyde, a patch is in the works. But not all are so responsive. MSI and Toshiba, for example, gave no sign of life after being alerted by Eclypsium. A pity. The researchers should publish tools and videos related to their analysis on GitHub in the near future.
