#pixiefail — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #pixiefail, aggregated by home.social.
-
RT @quarkslab
Is remote code execution in UEFI firmware possible?
Yes it is.
Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers.
Full details by @fdfalcon and @4Dgifts in our new blog post: https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
RT @quarkslab
Is remote code execution in UEFI firmware possible?
Yes it is.
Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers.
Full details by @fdfalcon and @4Dgifts in our new blog post: https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
RT @quarkslab
Is remote code execution in UEFI firmware possible?
Yes it is.
Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers.
Full details by @fdfalcon and @4Dgifts in our new blog post: https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
RT @quarkslab
Is remote code execution in UEFI firmware possible?
Yes it is.
Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers.
Full details by @fdfalcon and @4Dgifts in our new blog post: https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
@quarkslab @fdfalcon @4Dgifts L’analyse et les conseils du @CERT_FR pour protéger vos machines de #PixieFAIL : https://www.cert.ssi.gouv.fr/actualite/CERTFR-2024-ACT-004/
-
@quarkslab @fdfalcon @4Dgifts L’analyse et les conseils du @CERT_FR pour protéger vos machines de #PixieFAIL : https://www.cert.ssi.gouv.fr/actualite/CERTFR-2024-ACT-004/
-
@quarkslab @fdfalcon @4Dgifts L’analyse et les conseils du @CERT_FR pour protéger vos machines de #PixieFAIL : https://www.cert.ssi.gouv.fr/actualite/CERTFR-2024-ACT-004/
-
@quarkslab @fdfalcon @4Dgifts L’analyse et les conseils du @CERT_FR pour protéger vos machines de #PixieFAIL : https://www.cert.ssi.gouv.fr/actualite/CERTFR-2024-ACT-004/
-
@quarkslab @fdfalcon @4Dgifts L’analyse et les conseils du @CERT_FR pour protéger vos machines de #PixieFAIL : https://www.cert.ssi.gouv.fr/actualite/CERTFR-2024-ACT-004/
-
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts – Source: securityaffairs.com https://ciso2ciso.com/pixiefail-nine-flaws-in-uefi-open-source-reference-implementation-could-have-severe-impacts-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Pixiefail #hacking #UEFI
-
PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts – Source: securityaffairs.com https://ciso2ciso.com/pixiefail-nine-flaws-in-uefi-open-source-reference-implementation-could-have-severe-impacts-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Pixiefail #hacking #UEFI
-
「 #PixieFail #UEFI の欠陥により、数百万台のコンピュータが RCE、DoS、およびデータ盗難にさらされる 」: The Hacker News
「最新のコンピュータで広く使用されている Unified Extensible Firmware Interface ( UEFI )仕様のオープンソース参照実装の TCP/IP ネットワーク プロトコル スタックに、複数のセキュリティ脆弱性が明らかになりました 。
AMI、Intel、Insyde、Phoenix Technologies の UEFI ファームウェア (オペレーティング システムの起動 を担当) がこの欠点の影響を受けます。 」
https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html
-
「 #PixieFail #UEFI の欠陥により、数百万台のコンピュータが RCE、DoS、およびデータ盗難にさらされる 」: The Hacker News
「最新のコンピュータで広く使用されている Unified Extensible Firmware Interface ( UEFI )仕様のオープンソース参照実装の TCP/IP ネットワーク プロトコル スタックに、複数のセキュリティ脆弱性が明らかになりました 。
AMI、Intel、Insyde、Phoenix Technologies の UEFI ファームウェア (オペレーティング システムの起動 を担当) がこの欠点の影響を受けます。 」
https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html
-
「 #PixieFail #UEFI の欠陥により、数百万台のコンピュータが RCE、DoS、およびデータ盗難にさらされる 」: The Hacker News
「最新のコンピュータで広く使用されている Unified Extensible Firmware Interface ( UEFI )仕様のオープンソース参照実装の TCP/IP ネットワーク プロトコル スタックに、複数のセキュリティ脆弱性が明らかになりました 。
AMI、Intel、Insyde、Phoenix Technologies の UEFI ファームウェア (オペレーティング システムの起動 を担当) がこの欠点の影響を受けます。 」
https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html
-
CW: Long thread/27
That badware is running in "Ring -1" - a zone of privilege that overrides the operating system itself.
Here's the bad news: UEFI malware has already been detected in the wild:
https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/
And here's the worst news: researchers have just identified *another* exploitable UEFI bug, dubbed #Pixiefail:
27/
-
CW: Long thread/27
That badware is running in "Ring -1" - a zone of privilege that overrides the operating system itself.
Here's the bad news: UEFI malware has already been detected in the wild:
https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/
And here's the worst news: researchers have just identified *another* exploitable UEFI bug, dubbed #Pixiefail:
27/
-
CW: Long thread/27
That badware is running in "Ring -1" - a zone of privilege that overrides the operating system itself.
Here's the bad news: UEFI malware has already been detected in the wild:
https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/
And here's the worst news: researchers have just identified *another* exploitable UEFI bug, dubbed #Pixiefail:
27/
-
CW: Long thread/27
That badware is running in "Ring -1" - a zone of privilege that overrides the operating system itself.
Here's the bad news: UEFI malware has already been detected in the wild:
https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/
And here's the worst news: researchers have just identified *another* exploitable UEFI bug, dubbed #Pixiefail:
27/
-
CW: Long thread/27
That badware is running in "Ring -1" - a zone of privilege that overrides the operating system itself.
Here's the bad news: UEFI malware has already been detected in the wild:
https://securelist.com/cosmicstrand-uefi-firmware-rootkit/106973/
And here's the worst news: researchers have just identified *another* exploitable UEFI bug, dubbed #Pixiefail:
27/
-
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft – Source:thehackernews.com https://ciso2ciso.com/pixiefail-uefi-flaws-expose-millions-of-computers-to-rce-dos-and-data-theft-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Pixiefail #Flaws
-
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft – Source:thehackernews.com https://ciso2ciso.com/pixiefail-uefi-flaws-expose-millions-of-computers-to-rce-dos-and-data-theft-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Pixiefail #Flaws
-
Excellent #security research work and blog post by @quarkslab 🔥
#PixieFail: Nine #vulnerabilities in #Tianocore's EDK II #IPv6 network stack
Congrats to @4Dgifts who’s #stillhacking after so many years. Inspiring 🙏
-
Excellent #security research work and blog post by @quarkslab 🔥
#PixieFail: Nine #vulnerabilities in #Tianocore's EDK II #IPv6 network stack
Congrats to @4Dgifts who’s #stillhacking after so many years. Inspiring 🙏
-
Excellent #security research work and blog post by @quarkslab 🔥
#PixieFail: Nine #vulnerabilities in #Tianocore's EDK II #IPv6 network stack
Congrats to @4Dgifts who’s #stillhacking after so many years. Inspiring 🙏
-
Excellent #security research work and blog post by @quarkslab 🔥
#PixieFail: Nine #vulnerabilities in #Tianocore's EDK II #IPv6 network stack
Congrats to @4Dgifts who’s #stillhacking after so many years. Inspiring 🙏
-
Excellent #security research work and blog post by @quarkslab 🔥
#PixieFail: Nine #vulnerabilities in #Tianocore's EDK II #IPv6 network stack
Congrats to @4Dgifts who’s #stillhacking after so many years. Inspiring 🙏
-
New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling - Enlarge (credit: Nadezhda Kozhedub)
UEFI firmware from five of... - https://arstechnica.com/?p=1996543 #vulnerabilities #pixiefail #security #exploits #biz #uefi
-
New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling - Enlarge (credit: Nadezhda Kozhedub)
UEFI firmware from five of... - https://arstechnica.com/?p=1996543 #vulnerabilities #pixiefail #security #exploits #biz #uefi
-
New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling - Enlarge (credit: Nadezhda Kozhedub)
UEFI firmware from five of... - https://arstechnica.com/?p=1996543 #vulnerabilities #pixiefail #security #exploits #biz #uefi
-
New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling - Enlarge (credit: Nadezhda Kozhedub)
UEFI firmware from five of... - https://arstechnica.com/?p=1996543 #vulnerabilities #pixiefail #security #exploits #biz #uefi
-
New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling - Enlarge (credit: Nadezhda Kozhedub)
UEFI firmware from five of... - https://arstechnica.com/?p=1996543 #vulnerabilities #pixiefail #security #exploits #biz #uefi
-
#PixieFAIL : Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. Nine vulnerabilities that affect EDK II, the de-facto open source reference implementation of the UEFI specification and possibly all implementations derived from it. - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html #security
-
#PixieFAIL : Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. Nine vulnerabilities that affect EDK II, the de-facto open source reference implementation of the UEFI specification and possibly all implementations derived from it. - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html #security
-
#PixieFAIL : Nine vulnerabilities in Tianocore's EDK II IPv6 network stack. Nine vulnerabilities that affect EDK II, the de-facto open source reference implementation of the UEFI specification and possibly all implementations derived from it. - https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html #security
-
Here's the writeup on #PixieFail, 9 vulns in the UEFI reference architecture that could enable exploitation over PXE network boot using IPv6. As near as I can tell, what has been demonstrated is underflow/overflows, but no successful exploitation.
blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
Here's the writeup on #PixieFail, 9 vulns in the UEFI reference architecture that could enable exploitation over PXE network boot using IPv6. As near as I can tell, what has been demonstrated is underflow/overflows, but no successful exploitation.
blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
Here's the writeup on #PixieFail, 9 vulns in the UEFI reference architecture that could enable exploitation over PXE network boot using IPv6. As near as I can tell, what has been demonstrated is underflow/overflows, but no successful exploitation.
blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
Here's the writeup on #PixieFail, 9 vulns in the UEFI reference architecture that could enable exploitation over PXE network boot using IPv6. As near as I can tell, what has been demonstrated is underflow/overflows, but no successful exploitation.
blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
Here's the writeup on #PixieFail, 9 vulns in the UEFI reference architecture that could enable exploitation over PXE network boot using IPv6. As near as I can tell, what has been demonstrated is underflow/overflows, but no successful exploitation.
blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html -
Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation – Source: www.securityweek.com https://ciso2ciso.com/remotely-exploitable-pixiefail-flaws-found-in-tianocore-edk-ii-pxe-implementation-source-www-securityweek-com/ #rssfeedpostgeneratorecho #SupplyChainSecurity #CyberSecurityNews #NetworkSecurity #vulnerabilities #securityweekcom #securityweek #Microsoft #Pixiefail #Quarkslab #Tianocore #UEFI
-
Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation – Source: www.securityweek.com https://ciso2ciso.com/remotely-exploitable-pixiefail-flaws-found-in-tianocore-edk-ii-pxe-implementation-source-www-securityweek-com/ #rssfeedpostgeneratorecho #SupplyChainSecurity #CyberSecurityNews #NetworkSecurity #vulnerabilities #securityweekcom #securityweek #Microsoft #Pixiefail #Quarkslab #Tianocore #UEFI
-
Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation https://www.securityweek.com/remotely-exploitable-pixiefail-flaws-found-in-tianocore-edk-ii-pxe-implementation/ #SupplyChainSecurity #NetworkSecurity #Vulnerabilities #Microsoft #Pixiefail #Quarkslab #Tianocore #UEFI
-
Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation https://www.securityweek.com/remotely-exploitable-pixiefail-flaws-found-in-tianocore-edk-ii-pxe-implementation/ #SupplyChainSecurity #NetworkSecurity #Vulnerabilities #Microsoft #Pixiefail #Quarkslab #Tianocore #UEFI