stefan.kant...@nexgo.de wrote:
Kevin Beaumont kevin.beaum...@gmail.com wrote:
[...]
Microsoft documented a feature in Windows 8 and above called Windows
Platform Binary Table.
Cf. http://www.acpi.info/links.htm where WPBT is linked to
http://go.microsoft.com/fwlink/p/?LinkId=234840 alias
https
much as soon as the issue is
highlighted.
On 13 August 2015 at 07:47, Jerome Athias athiasjer...@gmail.com wrote:
Some more info
https://www.us-cert.gov/ncas/current-activity/2015/08/12/Lenovo-Service-Engine-LSE-BIOS-Vulnerability
2015-08-12 14:44 GMT+03:00 Kevin Beaumont kevin.beaum
so.
Dimitri
-Original Message-
From: Kevin Beaumont [mailto:kevin.beaum...@gmail.com]
Sent: Wednesday, August 12, 2015 7:45 AM
To: bugtraq@securityfocus.com
Subject: Windows Platform Binary Table (WPBT) - BIOS PE backdoor
PRECURSOR
There will be debate about
PRECURSOR
There will be debate about if this is a vulnerability. It affects a
majority of user PCs -- including all Enterprise editions of Windows,
there is no way to disable it, and allows direct code execution into
secure boot sequences. I believe it is worth discussing.
SCOPE
Microsoft
SCOPE
Every version of Microsoft Office on every Windows OS includes a
feature called OLE Packager, allowing content to be embedded in
documents. This includes executable content (.exe, .js, .vbe etc) -
there is no restriction of embeddable content. There is no way to
disable or restrict this