Vietnam.vn - Nền tảng quảng bá Việt Nam

Hundreds of PC and server models with Intel CPUs have serious vulnerabilities

Báo Thanh niênBáo Thanh niên23/06/2024


According to SecurityWeek , the vulnerability CVE-2024-0762 named UEFIcanhazbufferoverflow was discovered by an automated analysis system developed by Eclypsium. The security vulnerability can be exploited by attackers to elevate privileges and execute arbitrary code in the UEFI firmware when operating.

Eclypsium warns that this is a type of vulnerability that can be exploited by threats such as the Black Lotus UEFI rootkit.

Hàng trăm model PC và máy chủ với CPU Intel dính lỗ hổng nghiêm trọng- Ảnh 1.

Multiple Intel CPUs Affected by CVE-2024-0762 Vulnerability

SECURITYWEEK SCREENSHOT

“This vulnerability demonstrates two hallmarks of an IT infrastructure supply chain breach: high impact and wide reach. UEFI firmware is some of the most valuable code on modern devices, and any compromise of that code could give an attacker full control and persistence over the device,” Eclypsium noted.

An investigation found that the vulnerability is related to an insecure variable in the Trusted Platform Module (TPM) configuration. The vulnerable SecureCore UEFI firmware runs on a variety of Intel mobile, desktop, and server processors used by computer manufacturers such as Lenovo, Acer, Dell, and HP.

Phoenix Technologies addressed the vulnerability in an announcement published in May, confirming that SecureCore firmware running on Intel CPUs such as Alder Lake, Coffee Lake, Comet Lake, Ice Lake, Jasper Lake, Kaby Lake, Meteor Lake, Raptor Lake, Rocket Lake, and Tiger Lake are affected.

Phoenix has patched CVE-2024-0762, and device manufacturers have begun deploying patches to their products. Lenovo, for example, notified customers of the vulnerability in an advisory published in May and is now releasing patches with plans to deploy them to some PCs later this summer.



Source: https://thanhnien.vn/hang-tram-model-pc-va-may-chu-voi-cpu-intel-dinh-lo-hong-nghiem-trong-185240623072435006.htm

Comment (0)

No data
No data

Same tag

Same category

Spectacular start of Vietnamese film market in 2025
Phan Dinh Tung releases new song before concert 'Anh trai vu ngan cong gai'
Hue National Tourism Year - 2025 with the theme "Hue - Ancient Capital - New Opportunities"
Army determined to practice parade 'most evenly, best, most beautiful'

Same author

Heritage

Figure

Business

No videos available

News

Political System

Local

Product