Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

LogoFAIL - Security Implications of Image Parsing During System Boot

Black Hat via YouTube

Start learning Write review
Corporate Finance Institute Ad

Finance Certifications Goldman Sachs & Amazon Teams Trust

Learn More → Coursera Ad

Google Data Analytics, IBM AI & Meta Marketing — All in One Subscription

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the critical security vulnerabilities in image parsing libraries used by BIOS vendors during system boot in this Black Hat conference talk. Delve into the LogoFAIL research, which exposes how attackers can exploit custom logo images stored on the EFI system partition or within unsigned firmware update sections. Understand the far-reaching implications of these vulnerabilities, including the potential for arbitrary code execution and compromising entire system security. Learn how these exploits can render "below-the-OS" security measures ineffective, bypassing even Secure Boot protections. Gain insights into the researchers' successful privilege escalation from OS to firmware level on a real device vulnerable to LogoFAIL. This 44-minute presentation offers a comprehensive look at the security risks associated with parsing complex file formats during critical platform startup stages.

Syllabus

LogoFAIL: Security Implications of Image Parsing During System Boot

Taught by

Black Hat

Reviews

Start your review of LogoFAIL - Security Implications of Image Parsing During System Boot

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.