Patch/Configuration Management, Vulnerability Management

Major tech firms at risk of attacks leveraging TianoCore EDK II bugs

SiliconAngle reports that Intel, American Megatrends, and Phoenix Technologies have been confirmed to be impacted by nine vulnerabilities within the widely used Unified Extensible Firmware Interface firmware TianoCore EDK II dubbed "PixieFail," which could be exploited to enable denial-of-service attacks, data leaks, and DNS cache poisoning. Attacks leveraging the flaws, which would require the activation of the PXE boot option, could also impact Microsoft, Google, Amazon Web Services, Arm, Cisco Systems, Dell, Hewlett Packard Enterprise, and HP, as well as Lenovo, according to a Quarkslab report. However, researchers noted that PixieFail severity was dependent on the default PXE boot configuration and firmware build of vulnerable UEFI instances. Organizations leveraging the impacted UEFI software have been urged to immediately upgrade their firmware and enable Secure Boot, while disabling the PXE boot option if not needed. Researchers also called for the implementation of DHCP Snooping and Dynamic ARP Inspection, as well as UEFI HTTPS Boot.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.