Uncategorized

CHIPSEC adds capsule parsing and blacklists ThinkPwn

CHIPSEC has had a few significant updates recently:

https://github.com/chipsec/chipsec/pull/73

https://github.com/chipsec/chipsec/pull/89

[…] It detects EFI binaries which have the following attributes:
1. GUID A56897A1-A77F-4600-84DB-22B0A801FA9A string of vulnerable UEFI SmmRuntime protocol within the contents of EFI binaries
2. Two names (UI strings) ‘SystemSmmRuntimeRt.efi’ and ‘SmmRuntime’ and two GUIDs 7C79AC8C-5E6C-4E3D-BA6F-C260EE7C172E and A56897A1-A77F-4600-84DB-22B0A801FA9A of vulnerable EFI binaries found in different systems[…]

 

Standard

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s