Home / malwarePDF  

Program:Win32/VulnInsydeDriver.A


First posted on 04 October 2019.
Source: Microsoft

Aliases :

There are no other names known for Program:Win32/VulnInsydeDriver.A.

Explanation :

A vulnerability exists in older versions of a kernel mode driver (version 100.00.09.01 or earlier) included in Insyde Software's BIOS tool. 

The driver creates a virtual note and loads the kernel driver at runtime to gain access to system resources for flashing BIOS. The driver could allow applications with user privileges to read and write with kernel privileges. Attackers can abuse this driver to perform elevation of privilege attacks and access resources like RAM, MSR, IO, etc.

Last update 04 October 2019

 

TOP