When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
While the logo is being displayed, the Unified Extensible Firmware Interface (UEFI) is still running.
UEFI, the researchers claim, has been vulnerable to roughly two dozen flaws for years now.
Let your people use the web freely without risking data and web connection security.
Preferred partner (What does this mean?)
Still, UEFI will read and execute the code hosted there.
These two dozen vulnerabilities have collectively been named LogoFAIL.
Patches are already available, but they differ from manufacturer to manufacturer.
Users are advised to find the corresponding advisory and learn how to patch the vulnerability up.
The act of replacing the image is relatively easy to pull off, they said.
LogoFAIL is being tracked as CVE-2023-5058, CVE-2023-39538, CVE-2023-39539, and CVE-2023-40238.
