Microsoft's AI-Powered Security Copilot Unveils Numerous Never-Before-Seen Vulnerabilities

-
  • Microsoft utilized Security Copilot to examine open-source bootloaders for security weaknesses.
  • It identified 20 new vulnerabilities within a brief period.
  • Microsoft states that the AI tool helped the company save at least seven days of effort.

Microsoft has shared additional details about how its newest AI tools are effectively identifying code vulnerabilities and other issues.

The firm has released a new blog post detailing how it used Security Copilot Its AI-driven cybersecurity solution identified nearly two dozen flaws across various open-source bootloaders.

Microsoft identified 11 vulnerabilities in GRUB2, along with an additional nine issues in both U-Boot and Barebox.

Keep an eye on your credit score from TransUnion for as low as $29.95 per month.

TransUnion offers a credit monitoring solution designed to keep tabs on your fiscal well-being. It provides instant notifications, monitors your credit scores, and safeguards against identity theft so you won’t overlook significant updates. The platform features an adjustable web portal that gives you transparent access to details about your credit status. Additionally, companies can utilize TransUnion’s sophisticated instruments for evaluating risks.

Preferred partner ( What does this mean? ) View Deal

Remote code execution risks

GRUB2 (Grand Unified Bootloader version 2) serves as a bootloader for Linux distributions and various Unix-like operating systems, facilitating the boot process and initiating the loading of the OS.

U-Boot (Das U-Boot) and Barebox, conversely, serve as primary bootloaders utilized predominantly in embedded systems. U-Boot stands out due to its widespread adoption across different architectures, whereas Barebox offers itself as a competitor with an emphasis on quicker startup speeds and simplified upkeep.

The security flaws range from issues like integer and buffer overflows to threats such as side-channel attacks and out-of-bound read vulnerabilities.

Microsoft stated that some vulnerabilities might allow for the execution of arbitrary code, while others would require either physical access to the affected device or prior infection with malicious software.

Microsoft stated that although threat actors might probably need physical access to the device to exploit U-Boot or Barebox vulnerabilities, they could leverage GRUB2 flaws to circumvent Secure Boot. This exploitation may allow them to deploy hidden bootkits or possibly override various security measures like BitLocker.

The consequences of deploying such bootkits are considerable since they could provide attackers with full command over the device. This enables them to manipulate the boot sequence and operating system, endanger further systems within the network, and engage in various harmful actions.

Moreover, this might lead to long-lasting effects." malware That stays intact even following an operating system reinstall or a hard drive swap."

Every flaw has been given a CVE identifier, and most of them are considered "medium" in terms of severity, except for one which is classified as "high" at a rating of 7.8 out of 10.

You might also like

  • Large-scale online data leak exposes 2.7 billion records — here’s what we understand so far
  • We've rounded up the best password managers
  • Check out our guide to the best authenticator app

Enjoying this article? To discover more stories like this one, follow us on MSN by clicking the +Follow button at the top of this page.

Comments

Post a Comment

Popular posts from this blog

Paradise Islands Offer Citizenship for Less Than £36,000

-
Image
Didn't you catch wind of it? For only $105,000, you can purchase citizenship to a tropical island paradise these days. The island country of Nauru located in the Pacific is offering passports to foreign nationals for $105,000 (£81,000) as part of an effort to generate funding for its climate emergency reserve. Soaring sea levels are swiftly eroding Nauru’s coastlines. In reaction, the nation’s leadership is considering a large-scale move inland; however, they are facing difficulties in securing funding for this initiative. Approximately ninety percent of the island's inhabitants will likely have to relocate to elevated areas due to sea levels surrounding Nauru increasing at a rate one point five times quicker than the worldwide average. Many nations provide citizenship in return for significant financial investments or property purchases. However, certain options may stand out specifically to wealthy Britons looking for opportunities. In fact, several stunning t...
Read more

Australian Grand Prix Fences Go Black for Clever Reason

-
Image
The 2025 Australian Grand Prix introduces several modifications to the circuit, primarily focusing on Turn 6 where Mercedes' George Russell had a crash in the previous year. However, the track authorities have implemented an additional alteration. The fencing along the Melbourne street race course has been painted black, particularly in the region of the starting grid. This minor alteration significantly enhances visibility for both spectators with tickets and photographers, despite its subtle nature. The cause stems from how light reflects off the metal. Black paint helps with this by absorbing the light, thus making it simpler to maintain visibility. Formula One tracks have consistently needed to address the visibility and safety of spectators holding tickets. Essential safety features include barrier walls and catch fencing, which protect not only the audience but also racers themselves. Take, for instance, Zhou Guanyu’s accident at Silverstone in 2023; without the p...
Read more

Bill Passes Just Hours Before Deadline, Averts Shutdown and Defeats Filibuster

-
Image
On Friday, senators moved forward with the stopgap funding measure approved by the House as the clock ticks nearer to a potential government closure. With a vote of 62 to 38, the senators decided to move forward with the proposal. Almost all Republicans along with ten Democrats helped override the filibuster. Senate Minority Leader Chuck Schumer from New York Senate Minority Whip Dick Durbin from Illinois, along with Senators Angus King of Maine, Brian Schatz of Hawaii, Catherine Cortez Masto of Nevada, John Fetterman of Pennsylvania, Gary Peters of Michigan, Maggie Hassan of New Hampshire, Kirsten Gillibrand of New York, and Jeanne Shaheen of New Hampshire, voted to advance the bill, going against the majority of their fellow Democrats. The House-passed short-term A spending measure, referred to as a continuing resolution (CR), would maintain funding at FY 2024 levels up until October 1st. Nevertheless, should Congress fail to pass this legislation before 11...
Read more