A team of ethical hacking specialists from Eclypsium security firm has revealed a report describing a critical vulnerability present in the design of software used in modern drivers that, if exploited, would allow threat actors to get high privileges that would guarantee them unrestricted access to hardware.
Reports claim that more than 40 hardware manufacturers could be affected by the vulnerability, including big names in the industry like Asus, Realtek, Gigabyte, AMD, Intel and Toshiba.
According to ethical hacking experts, the
vulnerability, present in all modern versions of Windows, is a clear example of
a fundamental problem in the certification process of Microsoft drivers, as all
components potentially compromised were certified by this tech giant.
“A vulnerable driver could allow any
threat actor to escalating privileges on the compromised device, so we notify
Microsoft expecting the corresponding patches to be released as soon as
possible,” the experts in charge of the investigation said. This firm
specializes in software for protection against firmware-based attacks.
After the list of vulnerable manufacturers was publicly
disclosed, an Intel spokesperson mentioned that the company has already issued
a security alert through the Intel Processor Diagnostic Tool, recommending
users upgrade their systems to the most recent version. Apparently not all
companies were aware of this situation, as seems to be the case with AMD, which
did not comment on it until a few hours ago, through its blog.
Ethical hacking experts mentioned that these
findings could hinder firmware
security efforts in the future, as there is no universal mechanism to prevent
these security risks on all drivers available on the market. “This could
create a window of opportunity for hackers, as it gives them the ability to
corrupt any component or collect information for long periods of time without
being detected,” the experts added.
As a precautionary measure, ethical hacking
experts from the International Institute of Cyber Security (IICS) recommend
performing periodic firmware scans and upgrading each time manufacturers
release new patches and software versions. Firmware integrity monitoring is
also vital, as it helps detect unauthorized changes or anomalies before
problems grow to such point.
