.jpg)
According to security researchers, a critical set of vulnerabilities has been identified in UEFI firmware for a number of motherboards manufactured by Gigabyte, causing serious concerns about device integrity and long-term system security, as well as serious concerns regarding device integrity. Binarly, a cybersecurity firm, claims that American Megatrends Inc. (AMI) firmware contains four high-severity flaws which allow threat actors to execute stealthily and persistently.
In a subsequent analysis, it was found that the identified vulnerabilities were exploitable by attackers who possess either local or remote administrative privileges in order to execute arbitrary code within the highly privileged System Management Mode (SMM) if the attackers possess the right credentials. In addition to operating independently of the host operating system, this execution environment is embedded in the firmware itself and gives the firmware considerable power over the hardware that is behind it.
Hence, sophisticated threat actors often target this system to gain deeper control over compromised computers and establish long-term persistence through establishing deeper control over compromised systems. The System Management Mode is designed to handle low-level system functions and it is activated very early during the boot process, well before the operating system takes over.
Consequently, code running within SMM has unrestricted access to critical system resources, including memory, processor instructions, and hardware configurations, becaus
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: