UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks

Security firm Binarly has identified vulnerabilities in the Unified Extensible Firmware Interface (UEFI) code from various firmware/BIOS vendors, which could be exploited by hackers to deliver a malicious payload and bypass security technologies. Termed LogoFAIL, the flaws can be weaponized during the boot phase by injecting a malicious logo image file into the system. Affected devices include those from Intel, Acer, and Lenovo, marking a severe and widespread issue.