Unsigned Firmware Puts Windows, Linux Peripherals at Risk

1.0TechNewsWorldhttps://www.technewsworld.comUnsigned Firmware Puts Windows, Linux Peripherals at Riskrich600338<blockquote class="wp-embedded-content" data-secret="5n4vEBjZIm"><a href="https://www.technewsworld.com/story/unsigned-firmware-puts-windows-linux-peripherals-at-risk-86517.html">Unsigned Firmware Puts Windows, Linux Peripherals at Risk</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.technewsworld.com/story/unsigned-firmware-puts-windows-linux-peripherals-at-risk-86517.html/embed#?secret=5n4vEBjZIm" width="600" height="338" title="“Unsigned Firmware Puts Windows, Linux Peripherals at Risk” — TechNewsWorld" data-secret="5n4vEBjZIm" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /*! This file is auto-generated */ !function(c,d){"use strict";var e=!1,o=!1;if(d.querySelector)if(c.addEventListener)e=!0;if(c.wp=c.wp||{},c.wp.receiveEmbedMessage);else if(c.wp.receiveEmbedMessage=function(e){var t=e.data;if(!t);else if(!(t.secret||t.message||t.value));else if(/[^a-zA-Z0-9]/.test(t.secret));else{for(var r,s,a,i=d.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),n=d.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),o=new RegExp("^https?:$","i"),l=0;l<n.length;l++)n[l].style.display="none";for(l=0;l<i.length;l++)if(r=i[l],e.source!==r.contentWindow);else{if(r.removeAttribute("style"),"height"===t.message){if(1e3<(s=parseInt(t.value,10)))s=1e3;else if(~~s<200)s=200;r.height=s}if("link"===t.message)if(s=d.createElement("a"),a=d.createElement("a"),s.href=r.getAttribute("src"),a.href=t.value,!o.test(a.protocol));else if(a.host===s.host)if(d.activeElement===r)c.top.location.href=t.value}}},e)c.addEventListener("message",c.wp.receiveEmbedMessage,!1),d.addEventListener("DOMContentLoaded",t,!1),c.addEventListener("load",t,!1);function t(){if(o);else{o=!0;for(var e,t,r,s=-1!==navigator.appVersion.indexOf("MSIE 10"),a=!!navigator.userAgent.match(/Trident.*rv:11\./),i=d.querySelectorAll("iframe.wp-embedded-content"),n=0;n<i.length;n++){if(!(r=(t=i[n]).getAttribute("data-secret")))r=Math.random().toString(36).substr(2,10),t.src+="#?secret="+r,t.setAttribute("data-secret",r);if(s||a)(e=t.cloneNode(!0)).removeAttribute("security"),t.parentNode.replaceChild(e,t);t.contentWindow.postMessage({message:"ready",secret:r},"*")}}}}(window,document); </script> https://www.technewsworld.com/wp-content/uploads/sites/3/2021/05/xl-2020-firmware-1.jpg620413Eclypsium has released new research that identifies and confirms unsigned firmware in WiFi adapters, USB hubs, trackpads and cameras used in Windows and Linux computer and server products from Lenovo, Dell, HP and other major manufacturers. Eclypsium also demonstrated a successful attack on a server via a network interface card with unsigned firmware used by each of the big three server manufacturers. The demonstration shows the exposed attack vector once firmware on any of these components is infected using the issues the report describes.