Millions exposed to LogoFAIL firmware flaws: Should CISOs be worried? Well, yes, honestly.

You're probably exposed to rootkit risk, because vendors wanted their logos to show during boot processes -- everything's broken, howl into the abyss, why's this security advisory on a domain like https://9443417.fs1.hubspotusercontent-na1.net anyway?

, and Edward Targett

December 7, 2023 . 2:42 PM

3 min read

A bottle of whisky for the first reader that explains why we chose this featured image. Mail in.

A newly discovered set of security vulnerabilities called LogoFAIL has been found in UEFI system firmware from multiple vendors, including AMI, Insyde, and Phoenix that can be found in millions of consumer and enterprise devices from a sweeping range of ubiquitous OEMs.

The vulnerabilities, which give an attacker persistence, affect downstream OEMs from Acer to Intel, Dell to HP, Fujitsu to Supermicro and beyond.