Microsoft has its AI-powered Security Copilot discover a whole host of previously unknown vulnerabilities

Almost two dozen new vulnerabilities were found by Security Copilot across different open source bootloaders.

Apr 1, 2025 - 13:34

  • Microsoft used Security Copilot to scan open source bootloaders for vulnerabilities
  • It discovered 20 new flaws in just a short time
  • Microsoft says the AI tool saved the company at least a week of work

Microsoft has revealed more about how its latest AI tools are proving useful for spotting code vulnerabilities.

The company has published a new blog post detailing how it used Security Copilot (its AI-powered cybersecurity tool) to find almost two dozen vulnerabilities in different open-source bootloaders.

In total, Microsoft found 11 flaws in GRUB2, and nine more in U-Boot and Barebox.

Remote code execution risks

GRUB2 (GRand Unified Bootloader version 2) is a bootloader used in Linux and other Unix-like operating systems to manage the boot process and load the operating system.

U-Boot (Das U-Boot) and Barebox, on the other hand, are bootloaders primarily used in embedded systems. U-Boot is a widely adopted bootloader supporting various architectures, while Barebox is an alternative designed for faster boot times and easier maintenance.

The vulnerabilities range from integer and buffer overflows to side-channel attacks and out-of-bounds reads.

Some of the flaws could be used to execute arbitrary code, Microsoft said, whereas others would need physical access to the vulnerable device, or would need the device to be infected with malware beforehand.

"While threat actors would likely require physical device access to exploit the U-boot or Barebox vulnerabilities, in the case of GRUB2, the vulnerabilities could further be exploited to bypass Secure Boot and install stealthy bootkits or potentially bypass other security mechanisms, such as BitLocker," Microsoft said.

"The implications of installing such bootkits are significant, as this can grant threat actors complete control over the device, allowing them to control the boot process and operating system, compromise additional devices on the network, and pursue other malicious activities."

"Furthermore, it could result in persistent malware that remains intact even after an operating system reinstallation or a hard drive replacement."

All of the flaws now have a CVE assigned. Their severity is mostly “medium”, with one rated “high” at 7.8/10.
