Researchers analyzing the security of legitimate device drivers found that more than 40 drivers from at least 20 hardware vendors contain vulnerabilities that can be abused to achieve privilege escalation.
Hardware represents the building blocks of a computer on top of which software resides. Drivers are what allows the operating system to identify the hardware components and interact with them.
Driver code enables communication between the OS kernel and the hardware, enjoying a higher permission level than the normal user and the administrator of the system.
Therefore, vulnerabilities in drivers are a serious issue as they can be exploited by a malicious actor to gain access to the kernel and get the highest privileges on the operating system (OS).
Since drivers are also used to update hardware firmware, they can reach components operating at an even deeper level that is off-limits for the OS, and change the way they function, or brick them.
BIOS and UEFI firmware, for instance, are low-level software that starts before the operating system, when you turn on the computer. Malware planted in this component is invisible to most security solutions and cannot be removed by reinstalling the OS.
Drivers are trusted
Researchers at firmware and hardware security firm Eclypsium discovered more than 40 drivers that could be abused for to elevate privileges from user space to the kernel permissions.
The vendors affected (list is here) include every major BIOS vendor and big names in the computer hardware business like ASUS, Toshiba, Intel, Gigabyte, Nvidia, or Huawei.
"All these vulnerabilities allow the driver to act as a proxy to perform highly privileged access to the h ..
Support the originator by clicking the read the rest link below.
