Alarm raised over more holes in third-party low-level code
Nearly three months after infosec biz Eclypsium highlighted widespread security weaknesses in third-party Windows hardware drivers, you can now add Intel to the list of vendors leaving holes in their all-powerful low-level code.
In a follow-up report to its August DEF CON presentation, Eclypsium found that not only are those third-party kernel-mode drivers still vulnerable, widely used Intel drivers also contain many of the same holes.
As was noted in that DEF CON presentation by Jesse Michael and Mickey Shkatov, vulnerabilities in drivers are a huge risk because the code typically runs at the lowest levels in an operating system, has access to peripherals, storage, and applications, and thus if exploited, will grant miscreants total control over a machine.
It is worth noting that these are not remotely exploitable flaws: hackers need to already be running code locally in order to get at the vulnerable drivers.
Now, Eclypsium says that it can detail three more drivers it held back of that original report, all from Intel.