Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 2,969,288 members, 7,207,811 topics. Date: Friday, 09 December 2022 at 11:05 AM

All Microsoft Certified Drivers From Intel, Nvidia, AMD, Others Are Vulnerable - Webmasters - Nairaland

Nairaland Forum / Science/Technology / Webmasters / All Microsoft Certified Drivers From Intel, Nvidia, AMD, Others Are Vulnerable (544 Views)

How To Detect A Vulnerable Wordpress Plugin / Wordpress Hackers Are Using Vulnerable Plugins To Gain Access To Sites / AMD Outs New Radeon Adrenalin Edition Graphics Drivers (2) (3) (4)

(1) (Reply)

All Microsoft Certified Drivers From Intel, Nvidia, AMD, Others Are Vulnerable by keynap: 9:54am On Aug 13, 2019
All major BIOS vendors, along with the likes of AMD, Nvidia, Intel, Huawei, and many others, are offering drivers that have serious security issues. A new report, called Screwed Drivers, from Eclypsium, revealed the worrying extent of the problem.

People have to safeguard their PCs and phones by using antivirus software and by making sure that they don’ expose their operating system to any kind of malware. But what happens when even the drivers provided by the hardware manufacturers are full of vulnerabilities, leaving the operating systems exposed to possible attacks.

Fortunately for us, the end-users, the problems are identified by hackers who are interested in making the world safer, but that’s not always the case. Also, there is no indication that researchers from Eclypsium, who underlined all of the problems, are actually the first ones to discover the vulnerabilities.
"Things are much, much worse than you think"

The Eclypsium researchers revealed a report showing that all of the major hardware companies, including ASRock, ASUSTeK Computer, ATI Technologies (AMD), Biostar, EVGA, Getac, GIGABYTE, Huawei, Insyde, Intel, Micro-Star International (MSI), NVIDIA, Phoenix Technologies, Realtek Semiconductor, SuperMicro, and Toshiba have this systemic problem.

And keep in mind that this list is not complete. Some of the names are not yet public because those companies have yet to address the issues with their drivers. And the worst news is still to come.

“It is of particular concern that the drivers in question were not rogue or unsanctioned – in fact, just the opposite. All the drivers come from trusted third-party vendors, signed by valid Certificate Authorities, and certified by Microsoft. Both Microsoft and the third-party vendors will need to be more vigilant with these types of vulnerabilities going forward,” revealed the researchers.

That’s right, all the drivers were certified by Microsoft, which means that even if you wipe your OS clean right now, you’re still going to install the bad drivers. And there is no way to prevent the operating system from installing a certified driver.

It’s very likely that users are going to receive a wealth of new drivers in the coming weeks and months as the companies fix the vulnerabilities. Until then, we can only hope that only the people at Eclypsium are the ones to find them.



(1) (Reply)

Get Your Wordpress Website At A Cheaper Rate / Startech Mega Promo! Get Any Kind Of Website For N11,500 / Boost Your Business With Relevant Content

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2022 Oluwaseun Osewa. All rights reserved. See How To Advertise. 51
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.