[ltp] UEFI firmware updates for "BIOS Extreme Privilege Escalation"

Jochen Spieker linux-thinkpad@linux-thinkpad.org
Thu, 23 Oct 2014 23:27:07 +0200 

--jL2BoiuKMElzg3CS
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Martin Schuster (IFKL IT OS DC CD):
> On 2014-10-22 21:41, Jochen Spieker wrote:
>> [...]
>> Not strictly Linux-related but I guess many of us need to patch their
>> systems:
>>=20
>> http://support.lenovo.com/us/en/product_security/uefi_edk2
>>=20
> Thanks Jochen!
>=20
> Does someone know if this is as bad as the description on
> http://www.kb.cert.org/vuls/id/552286
> makes it sound ("A local authenticated attacker may be able to execute
> arbitrary code with the privileges of system firmware"), or does it
> require actual root-access to exploit?

This presentation assumes local admin privileges to exploit the issue:

https://www.mitre.org/publications/technical-papers/presentation-extreme-pr=
ivilege-escalation-on-windows-8uefi-systems

It also mentions that a new Windows 8 API is necessary. I have no idea
whether a pure !Windows system may be exploitable as well.

J.
--=20
I am no longer prepared to give you the benefit of the doubt.
[Agree]   [Disagree]
                 <http://www.slowlydownward.com/NODATA/data_enter2.html>

--jL2BoiuKMElzg3CS
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJUSXKoAAoJEFOK7jlDb4WXfXwP/i8cjBAsxju1cYCJnmkr099A
HhmHNabQfwN6YFLGp/0tJj7WKtO12qBRZnxqcz0Kz1cTaky318Ijn0/ErrcOW64/
G2PjD+XFRzMAOcftPm6K09ofqElZG3qmEvfctwnmqjerA/9sTjEElmd7Lm1Nkkpx
nMHWVlu6MySwMR4WCsGtExq0Ud47MYMoTgAfUh3rQZ+pHonNhlZbnR2nWGxzTvUr
nDFTnxDY0HHpz2NaJcmTh1+6c4RKURw0JdiOEHfv5EGCvrwFrQpG5fxWUl2aquLc
Okmh3ok+evtqkCYrCIBjHqRL9+OFfSeRV+CoRKpQ0NRNERZfh1w7tF8jm+NPah7e
aVrc8zT7ssVEsYyjh7s9nMkF6ZFlvCvEyTD7IU0TcaRCQhXkAun5bdBbiNllqs6b
Dyd5/PY8xK5tGnURlegQUu8tOmKXVIcLDhxECEiUbiVgwsZ23iHr4Ap+++ObSmqp
A2VNCVP6ekyoEsqw03GeBKDcQwxnssicxh1Qdr4nyw79eWF+YXAXqCJjP8CqTSsz
kJfBcQUHI1fXuYdaNoqXXiPk2qvgwWRLyjjmwOb+XxvMfWUBk4wv3EZ/7My/C+N7
q8AAAZ2hJuwLVeVgOLhlbNp6/vTv0BFk40FynRlWf7IZpBuEMESrvishSS7YOt8s
C1EWeE3ON3C60g/hGTlI
=LwAt
-----END PGP SIGNATURE-----

--jL2BoiuKMElzg3CS--