more on Kaspersky UEFI Secure Boot issue…

February 20, 2020 ~ hucktech

Re: https://firmwaresecurity.com/2020/02/16/kaspersky-bootloader-uefi-secure-boot-vulnerability/

Kaspersky has a response:

We put together a no nonsense FAQ about the recent patch KB4524244 and the fuzz around the UEFI sigs update: https://t.co/krtHjjTbHo
— Costin Raiu (@craiu) February 17, 2020

FAQ: Microsoft, Kaspersky and KB4524244 security update issues

Which has some feedback from at least 2 security researchers:

I politely disagree with "the story is over", because a SecureBoot bypass (i.e. getting arbitrary code execution before ExitBS) grants much more privileges than RCE+LPE in modern Windows.
— Nikolaj Schlej (@NikolajSchlej) February 17, 2020

Indeed: secure boot bypass using signed Kaspersky bootloader allows to break, for example, Windows Virtualization-based Security including Hypervisor-Enforced Code Integrity, Device Guard and Credential Guard
— Dmytro Oleksiuk (@d_olex) February 17, 2020

There is more info from other media source:

Microsoft Pulls Buggy UEFI Security Update | Decipher

The mess behind Microsoft’s yanked UEFI patch KB 4524244 | Computerworld

I wish the UEFI Certificate Authority would kick in right about now with a technical response.

Published by hucktech

View all posts by hucktech

Leave a Reply Cancel reply

Enter your comment here...

Please log in using one of these methods to post your comment:

Email (Address never made public)

Name

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Android Developers Blog

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

LLVM Project Blog

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Broadcom ConnectedBroadcom Connected

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Malwarebytes Labs

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Blog – NVM Express

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Schneier on Security

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

IBM Product Security Incident Response Team

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Cyber Trust Blog

Blog - Möbius Strip Reverse Engineering

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Executive Platform - Cisco Blogs

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Official PC-BSD Blog

Discover the Desktop

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

FreeBSD Foundation

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Oracle Blogs | Oracle Blogs

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Oracle Blogs | Oracle Blogs

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Xen Project Blog

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Planet openSUSE

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Tizen - An open source, standards-based software platform for multiple device categories.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

iXsystems, Inc. – Enterprise Storage & Servers

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

InTelligence Blog

ASSET InterTech

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

coreboot developer blogs

News from coreboot world

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

System76 Blog RSS Feed

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

Just another WordPress.com site

Hastily-written news/info on the firmware security/development communities, sorry for the typos.

%d bloggers like this: