Eclypsium, a security research organization, found that there was a serious vulnerability in Dell's remote BIOS upgrade software, which would cause attackers to hijack BIOS download requests and attack with modified files. This will allow hackers to control the startup process of the system and destroy the operating system.
The software in question is biosconnect, which is part of Dell's supportassistant and is pre installed on most Dell windows devices.As many as 30 million devices, including laptops, desktops and tablets, have been affected.
Dell's remote BIOS update software is open to man in the middle attacks, allowing attackers to remotely execute code in the BIOS of up to 129 different models of Dell laptops.
The service uses an insecure TLS connection. There are three overflow vulnerabilities from BIOS to tool software. Two of them affect the recovery process of the operating system, and the other affects the firmware update processThese three vulnerabilities are independent, and each vulnerability may lead to arbitrary code execution in BIOS.
The researchers suggest that all Dell computers need to update the BIOS, and do not use Dell's biosconnect function to perform this operation, but download it from the official website.
- THE END -
Reprint please indicate the source: fast technology