LogoFAIL, A New Way To Pick Up A UEFI Bootkit

Source: Bleeping Computer LogoFAIL, A New Way To Pick Up A UEFI Bootkit

Oh C’mon!  Do We Really Need This On A Friday?

There is yet another way to get one of the nastiest types of infections going, that being a UEFI bootkit.  This type of malware hides in the extra space in your UEFI BIOS and is able to happily avoid detection by any of your scanners, since they can’t access that chip.  The bootkit can then infect you with a variety of other malware, and even if you happen to detect and remove it, next reboot it will happen again since the actual infection is in your motherboards CMOS.  There have been a few discovered already, but LogoFAIL is a new one, and exactly the type of thing to ruin someone’s day.

As the name implies, LogoFAIL describes a way in which “an attacker could store a malicious image or logo on the EFI System Partition” in some sort of malicious use of steganography.  Since the infection is in the image file LogoFAIL doesn’t need to modify the bootloader nor the firmware on your UEFI like previous bootkits have done, which makes it even harder to find.  The bootloader is not hardware dependant, it will happily infect any motherboard or similar device, and it completely avoids any secure boot protections from any of the vendors that offer that type of protection.

Ready for happy hour at your favourite local yet?

Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

1 Comment

  1. Dvon E.

    As usual “Making it PRETTY” instead of “Making it GOOD” is the cause of computing problems. Having to decode a colorful compressed image opened the door to poorly checked commercial library software. It’s long past time for Strict Liability in commercial software, firmware, and “smart” devices, so that no disclaimer can absolve guilt for management choosing profit over perfection.


Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!