Serious vulnerabilities in NVIDIA, AMD and Intel Drivers

- Advertisement -

Researchers at Eclypsium have found serious issues with more than 40 drivers from every major BIOS vendor. This piece of information was revealed on August 10th, and these vulnerabilities were given the name ‘Screwed Drivers’. Pretty aberrant from the usual names given to security faults nowadays.

These severe vulnerabilities were found in drivers from vendors the likes of Asus, Toshiba, NVIDIA, Intel and AMD. What makes it worse is that all of these insecure drivers were signed by valid certificate authorities and was also certified by Microsoft. These vulnerable drivers can be installed on all versions of Microsoft, and there is currently no mechanism to keep a Windows machine from loading one of these bad drivers.

Some features specific to Windows Pro, Windows Enterprise and Windows server offer protection to its users, and that’s only if admins decide to enable those features. They’re disabled by default allowing vulnerabilities to enter anyway. All of these vulnerabilities allow the drivers to act as a proxy to provide highly privileged access to the hardware resources. This escalates the privileges of an attacker moving him from user mode to OS kernel mode.

Eclypsium security vulnerabilities
Vulnerabilities
- Advertisement -

Here’s what Eclypsium had to add:

“Vulnerable or outdated system and component firmware is a common problem and a high-value target for attackers, who can use it to launch other attacks, completely brick systems, or remain on a device for years gathering data, even after the device is wiped. To make matters worse, in this case, the very drivers and tools that would be used to update the firmware are themselves vulnerable and provide a potential avenue for attack.”

Here is a partial list of vendors identified by Eclypsium:

  • ASRock
  • ASUSTeK Computer
  • ATI Technologies (AMD)
  • Biostar
  • EVGA
  • Getac
  • GIGABYTE
  • Huawei
  • Insyde
  • Intel
  • Micro-Star International (MSI)
  • NVIDIA
  • Phoenix Technologies
  • Realtek Semiconductor
  • SuperMicro
  • Toshiba
- Advertisement -

There are a few more companies whose names hadn’t been revealed because they’re still under “embargo due to their work in highly regulated environments and will take longer to have a fix certified and ready to deploy to customers.” More information can be found in the Eclypsium presentation on the website. The general consensus on how to battle these vulnerabilities is this: be aware while installing driver updates and regularly scan a system for potential malware.

Further Reading:

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Latest posts

Capcom Steam Sale – Resident Evil, DMC 5, Monster Hunter and More Games Discounted

With Resident Evil Village releasing soon, Capcom is hosting a grand Steam sale, with many games from its notable franchises on sale. Here are...

[EXCLUSIVE] Xiaomi Mi 11 Ultra Could Launch For Rs 1,00,000 in India

Xiaomi is all geared up to launch the Mi 11 Ultra in India, and we already know that it's an absolute beast. It comes...

Console Gaming Is Getting Closer to PCs With Resident Evil Village

Capcom has released a spec-sheet for Resident Evil Village showing expected resolution and frame rate on consoles and PC, bringing the experience on both platforms closer than before.

Next Article Loading