https://www.securityweek.com/vulnerabil ... nt-malware
".......Privilege escalation flaws were previously found in drivers from Huawei, ASUS, ASRock, Gigabyte and others, and some sophisticated threats, such as the Slingshot campaign and some Fancy Bear attacks, exploited these types of weaknesses to deploy rootkits.
Eclypsium wanted to find out just how common device driver vulnerabilities are and its researchers analyzed software from AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek, SuperMicro, Toshiba, and other vendors who have not been named due to their work in highly regulated environments.
According to Eclypsium, the security holes found by its employees in these drivers can be exploited to escalate privileges from user mode to kernel mode, which gives a piece of malware...."
Device driver vulnerabilities AMI, ASRock, ASUS, ATI..et al
- nosystemdthanks
- Posts: 703
- Joined: Thu 03 May 2018, 16:13
- Contact:
Re: Device driver vulnerabilities AMI, ASRock, ASUS, ATI..et al
i consider this relevant, but as far as i know this wont affect puppy users who are already running everything with full privileges-- or so im routinely told when stories like this come up.belham2 wrote:According to Eclypsium, the security holes found by its employees in these drivers can be exploited to escalate privileges from user mode to kernel mode, which gives a piece of malware[/i]...."
perhaps, given that the browser is not run as root, it is a problem there, theoretically, though i dont know how the browser would directly affect these drivers. and root usermode isnt the same as kernel afaik, but root can certainly bridge that gap. root can load and unload kernel modules, etc.
[color=green]The freedom to NOT run the software, to be free to avoid vendor lock-in through appropriate modularization/encapsulation and minimized dependencies; meaning any free software can be replaced with a user’s preferred alternatives.[/color]