PixieFail, The Brand New UEFI Infection To Worry About

Source: Ars Technica PixieFail, The Brand New UEFI Infection To Worry About

Five Vendors PXE Network Boot Implementations Are Scarily Vulnerable

PixieFail is a set of new UEFI vulnerabilities which affects devices running ARM, Insyde, AMI, Phoenix Technologies, or Microsoft’s implementation of PXE, otherwise known as netboot.  The UEFI need to be set up with IPv6 but unfortunately the attacker doesn’t need physical access to the system to take advantage of PixieFail.  All they need is access to your network and a program that allows them to view and capture traffic and then to inject packets.

Once they have network access, they can trigger any machine on the network, up to and including servers, to install malicious code onto the UEFI of the system.  As we have sadly learned, once infected no antivirus software will be able to detect the malicious code and a reboot or reimage will not help at all.  Take a look for BIOS updates and plan some downtime for your servers as the ease of implementation on your cloud is rather terrifying.

The vulnerabilities, which collectively have been dubbed PixieFail by the researchers who discovered them, pose a threat mostly to public and private data centers and possibly other enterprise settings.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!