Bleeping Computer

LogoFAIL attack can install UEFI bootkits through bootup logos

Discovering the LogoFAIL vulnerabilities started as a small research project on attack surfaces from image-parsing components in the context of custom or outdated parsing code in UEFI firmware. The ...
Bleeping Computer

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

Update added below about this bootkit being created by students in Korea's Best of the Best (BoB) cybersecurity training program. The recently uncovered 'Bootkitty' Linux UEFI bootkit exploits the ...
ZDNet

This is how to protect your computers from LogoFAIL attacks

The Binarly REsearch team, a firmware supply chain security platform company, has uncovered a constellation of security vulnerabilities called LogoFAIL hiding with the Unified Extensible Firmware ...
GIGAZINE

Exploit ``LogoFAIL'' has been discovered that allows arbitrary code execution by replacing the logo image displayed in UEFI when starting a PC, targets Windows and Linux and ...

Security company Binarly has announced an exploit called LogoFAIL that attacks 24 vulnerabilities found in UEFI related to booting devices running Windows or Linux. The 'Logo' in LogoFAIL comes from ...
WeLiveSecurity

Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...
Business Wire

UEFI Forum Releases UEFI 2.3.1 Specification Update and Schedules UEFI Summer Summit Interoperability & Education Event

BEAVERTON, Ore.--(BUSINESS WIRE)--The UEFI Forum, Inc. Highlights: The UEFI Forum has ratified an update to the UEFI 2.3.1 Specification that adds important firmware considerations and addresses ...