Skip to main content
R
Youtube
LogoFAIL attack finds its way in via your computer’s boot logo screen.

At BlackHat EU, Binarly showed how custom boot logo features could be exploited by crashing vulnerable image parsers, report SecurityWeek and ArsTechnica, allowing them to take over Windows and Linux systems. Binarly’s researchers write, “we detected parsers vulnerable to LogoFAIL in hundreds of devices sold by Lenovo, Supermicro, MSI, HP, Acer, Dell, Fujitsu, Samsung, and Intel.”

Not all of those systems are actually exploitable this way, but some vendors, like Lenovo, have issued BIOS updates or advisories in response.