Serious vulnerabilities in NVIDIA, AMD and Intel Drivers


Researchers at Eclypsium have found serious issues with more than 40 drivers from every major BIOS vendor. The findings were revealed on August 10th, and the vulnerabilities were given the name ‘Screwed Drivers’, quite a departure from the names usually given to security flaws nowadays.

These severe vulnerabilities were found in drivers from vendors such as Asus, Toshiba, NVIDIA, Intel and AMD. What makes it worse is that all of these insecure drivers were signed by valid certificate authorities and were also certified by Microsoft. The vulnerable drivers can be installed on all versions of Microsoft Windows, and there is currently no mechanism to keep a Windows machine from loading one of these bad drivers.

Some features specific to Windows Pro, Windows Enterprise and Windows Server offer protection to their users, but only if admins decide to enable those features. They are disabled by default, which leaves systems exposed to the vulnerabilities anyway. All of these vulnerabilities allow the drivers to act as a proxy that provides highly privileged access to hardware resources. This escalates an attacker's privileges, moving them from user mode to OS kernel mode.


Here’s what Eclypsium had to add:

“Vulnerable or outdated system and component firmware is a common problem and a high-value target for attackers, who can use it to launch other attacks, completely brick systems, or remain on a device for years gathering data, even after the device is wiped. To make matters worse, in this case, the very drivers and tools that would be used to update the firmware are themselves vulnerable and provide a potential avenue for attack.”

Here is a partial list of vendors identified by Eclypsium:

  • ASRock
  • ASUSTeK Computer
  • ATI Technologies (AMD)
  • Biostar
  • EVGA
  • Getac
  • GIGABYTE
  • Huawei
  • Insyde
  • Intel
  • Micro-Star International (MSI)
  • NVIDIA
  • Phoenix Technologies
  • Realtek Semiconductor
  • SuperMicro
  • Toshiba

There are a few more companies whose names have not been revealed because they are still under “embargo due to their work in highly regulated environments and will take longer to have a fix certified and ready to deploy to customers.” More information can be found in the Eclypsium presentation on the website. The general consensus on how to battle these vulnerabilities is this: stay alert when installing driver updates and regularly scan systems for potential malware.
