UEFIs booting Windows and Linux devices can be hacked by malicious logo images.

Dan Goodin - 12/6/2023, 3:02 PM

  • anonymouse@lemmings.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    11 months ago

    “There are several ways to exploit LogoFAIL. Remote attacks work by first exploiting an unpatched vulnerability in a browser, media player, or other app and using the administrative control gained to replace the legitimate logo image processed early in the boot process with an identical-looking one that exploits a parser flaw. The other way is to gain brief access to a vulnerable device while it’s unlocked and replace the legitimate image file with a malicious one.”

    • AtmaJnana@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      11 months ago

      That’s what I get for reading it on mobile while parenting. Lol. Thanks, I obviously missed that.