[ad_1]
Researchers have found out because age-related safety and the computer code for firmware. Most of the time full of difficulties, it is difficult to replace them with patches, and they are increasing target of real threats. Now, the best way to update the firmware of Dell computers is the one that is at risk due to some minor bugs. And this problem can be used to access all resources.
The program of new From researchers to the security company Eclypsium affects the latest 128 types of Dell computers, including desktops, laptops, and tablets. Researchers estimate that the threat posed a total of 30 million weapons, and that the incident also applies to integrated nations. Microsoft Security PC-protected system built-in reducing the risk of firmware. Dell is releasing patches of those offenses today.
“These devices are easy to use. It’s like going backwards, it’s like in the 90’s,” says Jesse Michael, a senior researcher at Eclypsium. new firmware. “
The bugs appear in Dell’s BIOSConnect interface, which allows users to easily, and easily, download firmware updates. BIOSConnect is an integral part of Dell’s update as well as a remote form called SupportAssist, with its difficulties that can be difficult. Ways to change it is important goals for those who attack, because they can be tainted to distribute malware.
The four threats that researchers found in BIOSConnect would not allow hackers to install Dell firmware updates on users at the same time. It can be used, however, to run their devices and easily upgrade firmware. Fraud of the firmware of the device can give the attackers a chance to attack the machine, because the firmware integrates software tools and software, and runs as a computer and software operating system.
“This is a corruption that allows the opponent to go into the BIOS,” said the firmware used to boot, says Scott Scheferman, an Eclypsium researcher. “Before the machines can take off their shoes and they know what’s going on, the attack has already taken place. It is a fast, powerful, and important course for an attacker who wants to persevere. ”
An important warning is that the attackers will not directly use the four BIOSConnect hackers from the internet. They must have access to the inside of the armor. But researchers believe that the simplicity of the situation and the lack of supervision or pricing on the firmware could make the practice attractive to hackers. After the attacker has corrupted the firmware it may remain anonymous for a while within the network.
Eclypsium investigators have revealed problems at Dell on March 3. They will report the findings of a security conference at Defcon in Las Vegas in early August.
“Dell also fixed a number of issues with the Dell BIOSConnect and HTTPS Boot features available with other Dell Client platforms,” the company said. Dell car switches are on“If not, the company says customers should put the patches on hand” soon. “
Eclypsium researchers warn, however, that this is a single change that you do not want to download on its own. Since BIOSConnect alone is an unsafe method, the best way to get those changes is to go to Dell’s Drivers and Downloads website and download manually and put updates there. For the average user, the best way is to simply upgrade your Dell as fast as you can.
[ad_2]
Source link
