At the DEF CON 27 security conference in Las Vegas, Eclypsium security research team uncovered serious security flaws in more than 40 device drivers from 20 different vendors. These flaws could allow attackers to deploy malware on the vulnerable devices. “Drivers that provide access to system BIOS or system components for the purposes of updating firmware, running diagnostics, or customizing options on the component can allow attackers to turn the very tools used to manage a system into powerful threats that can escalate privileges and persist invisibly on the host,” Eclypsium wrote in its report. These drivers can provide an attacker the most privileged access that can be used to launch malicious actions within all versions of Windows including Windows Kernel. All the affected drivers are certified by Microsoft. In a statement to ZDNet, Mickey Shkatov, Principal Researcher at Eclypsium noted that the design flaw in Windows device drivers have a functionality that can be misused to…
Is Offshore Hosting For You?
Find out why you too should be hosting offshore. Click here now!