LogoFAIL is not a virus but rather a set of vulnerabilities in the firmware of many computers that allows attackers to bypass security measures and install malicious software.
LogoFAIL affects the firmware when displaying the manufacturer's logo during the boot process. Firmware is software embedded in a hardware device, such as a computer, smartphone, printer, or router. Firmware controls the basic functions and operations of the device, such as booting, loading, and communicating with other components. Specifically, LogoFAIL affects the Unified Extensible Firmware Interface (UEFI), which is the firmware responsible for booting your computer.
That is a wickedly simplified explanation, but if you want to read more on UEFI, go check the wiki.
What you Need to Know:
LogoFAIL affects a vast majority of computers. Suffice it to say that nearly every PC, whether Windows, Linux, or Mac, likely uses UEFI and is vulnerable to this exploit. Because it executes so early in the boot process, LogoFAIL can bypass many traditional security defenses, making it a highly dangerous threat.
These vulnerabilities allow attackers to inject malicious code into the boot process by manipulating the boot logo image. This code can then be used to bypass security measures such as Secure Boot and install malware on the system.
To use the vulnerability, hackers need to gain local administrator access through some other type of exploit - maybe something with the browser or a malicious email attachment - and then add the nefarious image package to the correct location. The infection is loaded into the system firmware once the system reboots with the new malicious logo. Competent hackers have been hacking administrator accounts since the invention of administrator accounts - so don't let your guard down.
A good practice on your end is to check for Administrator accounts and either change their rights or remove any that are unnecessary. Also, ensure the user account you log into your PC with is not an administrator account. Doing so can be a little annoying, as you may need to boot into an admin account for updates, etc. But it's a safer practice.
Detection and mitigation:
Detecting LogoFAIL infections is difficult, if not near impossible, as the malicious code is hidden within the boot image. It would be hard to detect from the OS level without a special tool like UEFI Tool, and the code would likely hide from something like that anyway. The best bet would be an external device, which doesn't exist yet. So, unfortunately, no single "LogoFAIL mitigation tool" has been developed as yet. Instead, several security researchers and organizations are developing various tools and techniques to address the detection of LogoFAIL vulnerabilities.
For example, Logofail-PoC is a proof-of-concept tool that demonstrates LogoFAIL vulnerabilities and allows researchers to test mitigation strategies. It was developed by security researchers at Binarly, who have done extensive work on this issue. Logofail-PoC has yet to be released as they wait for patches to catch up. But you can see it work here:
Now that LogoFAIL has been discovered, patching the affected firmware will be the most effective way to mitigate the risk of LogoFAIL. Some manufacturers, like Lenovo, have already released patches for affected systems. Still, since this is a relatively new discovery, not all manufacturers have caught up.
However, there are a few manual tools, like this one from Dell, that can help you. Manufacturers tend not to auto-update their firmware (thankfully). Hence, it is important to figure out what BIOS you have and check your manufacturer's site for updates manually.
All that said, flashing/updating your BIOS is not exactly for the faint of heart. It's not a difficult thing to do, BUT if you have any doubt in your ability to recover from catastrophic failure --- test it out on your friend's system first. JUST KIDDING!!!! Take your PC to a PRO. It will likely cost just a few dollars, and they can do it safely. If you do want to venture into the world of BIOS flashing, make sure you check out Universal BIOS Backup Kit. It can help identify the manufacturer and version, and you will have a known good backup in a pinch.
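The two manual checks recommended above (reviewing Administrator accounts and finding out which BIOS you have) can be done from a Windows PowerShell prompt. The function below is an added example, not part of the original article; the name Get-FirmwareAuditSummary and the -FixedFirmwareDate parameter are assumptions made for illustration, and the date itself has to come from your manufacturer's advisory or download page.

```powershell
# Added example: read-only audit for Windows PowerShell 5.1 or later.
function Get-FirmwareAuditSummary {
    param(
        # Hypothetical parameter: release date of the fixed firmware, taken
        # from your manufacturer's advisory or firmware download page.
        [datetime]$FixedFirmwareDate
    )

    # Local Administrators group, addressed by its well-known SID so the
    # lookup also works on non-English Windows installations.
    $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop)

    # Is the account you are logged in with a direct member of that group?
    # (Membership through a nested domain group is not resolved here.)
    $me = [Security.Principal.WindowsIdentity]::GetCurrent().Name
    $currentUserIsAdmin = $admins.Name -contains $me

    # Firmware and system identity as reported through SMBIOS.
    $bios = Get-CimInstance -ClassName Win32_BIOS
    $sys  = Get-CimInstance -ClassName Win32_ComputerSystem

    # Secure Boot state needs an elevated prompt and UEFI firmware; report
    # 'Unknown' otherwise. LogoFAIL is described as bypassing Secure Boot,
    # so 'True' here is not evidence that the firmware is patched.
    try   { $secureBoot = [string](Confirm-SecureBootUEFI -ErrorAction Stop) }
    catch { $secureBoot = 'Unknown' }

    # Compare the installed firmware's release date with the fixed release.
    $olderThanFix = 'Unknown (no date supplied)'
    if ($PSBoundParameters.ContainsKey('FixedFirmwareDate')) {
        $olderThanFix = [string]($bios.ReleaseDate -lt $FixedFirmwareDate)
    }

    [pscustomobject]@{
        Manufacturer        = $sys.Manufacturer
        Model               = $sys.Model
        BiosVendor          = $bios.Manufacturer
        BiosVersion         = $bios.SMBIOSBIOSVersion
        BiosReleaseDate     = $bios.ReleaseDate
        OlderThanFixedBuild = $olderThanFix
        SecureBoot          = $secureBoot
        CurrentUser         = $me
        CurrentUserIsAdmin  = $currentUserIsAdmin
        AdminAccounts       = $admins.Name -join '; '
    }
}

Get-FirmwareAuditSummary | Format-List
```

Take the BiosVendor, Model and BiosVersion values to the manufacturer's support site to see whether a newer firmware release is listed for your system.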