Is Your Computer at Risk from the Logo Fail Exploit?

  • Thread starter: WWGD

Discussion Overview

The discussion revolves around the Logo Fail exploit, which is characterized by vulnerabilities in firmware that may allow malware to be spread through images. Participants explore the implications of these vulnerabilities, their potential risks, and methods of protection, while also questioning the nature of the exploit itself.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Exploratory

Main Points Raised

  • Some participants express concern about the severity of the Logo Fail exploit and its implications for computer security.
  • Others argue that calling it an 'exploit' is misleading, suggesting it is better described as a series of vulnerabilities without evidence of active exploitation.
  • A participant notes that the vulnerabilities were discovered by a research group and disclosed to vendors, leading to BIOS patches, although one vendor acted prematurely.
  • There is a discussion about the necessity of administrator access for an attacker to exploit these vulnerabilities, with some suggesting that this access fundamentally compromises security regardless of the specific exploit.
  • Concerns are raised about the distraction caused by technical attack headlines, with a suggestion that social engineering poses a more significant threat.
  • One participant expresses confusion about how image files can transmit malware, prompting another to explain the concept of steganography, where malware can be hidden within the pixels of an image.

Areas of Agreement / Disagreement

Participants do not reach a consensus on the nature of the Logo Fail issue, with ongoing debate about its classification as an exploit versus vulnerabilities. There are differing views on the level of threat it poses compared to other security risks.

Contextual Notes

Some participants highlight the importance of keeping systems updated and being cautious about granting administrator access, while others emphasize the need for awareness of social engineering threats. The discussion reflects varying levels of understanding regarding the technical aspects of the exploit and its implications.

WWGD
How serious is the Logo Fail exploit, where malware is spread through images?
Is there a way of booting up in a way that images/logos are not displayed?
 
Forgot to say YIKES!

This exploit is truly scary.
 
  1. Calling LogoFAIL an 'exploit' is misleading (I know it's not your term @WWGD): it is a (series of) vulnerabilities.
  2. No evidence of any attempted exploit involving LogoFAIL has been published.
  3. The vulnerability was discovered by a benign research group sometime in 2023 and disclosed confidentially to vendors: when the discovery was made public on 6 December 2023, BIOS patches were published by all vendors (except Phoenix who in an appalling move jumped the gun on 28 November).
  4. In order to exploit the vulnerability an attacker requires administrator access. Once an attacker has administrator access it is 'game over' as far as security is concerned anyway.

If you follow these two rules you don't need to be afraid of any kind of technical attack on your personal Windows or Mac system*:
  • Keep your system up to date with the latest patches of supported software.
  • Never allow untrusted software to gain administrator access e.g. by saying 'yes' to the "Do you want to allow this app to make changes to your device" dialog unless you are sure that you can trust the relevant app.
* (or Linux if you can be sure of what is 'untrusted software' in this context, and unless you are running a commercial distribution this is very difficult).

jedishrfu said:
This exploit is truly scary.
Only in the sense that if you lend someone the keys to your house they can take a copy and then they can let themselves in whenever they want that is 'truly scary' - but if you lend someone the keys to your house they can do whatever they want while they are there anyway.

Much more dangerous and scary, and something you do need to be constantly cautious of because there is very little by way of automatic defence that can be put in place are social engineering attacks.

Scary headlines about technical attack surfaces distract the attention of the public from the real threat.
 
Isn't there
pbuk said:
  1. Calling LogoFAIL an 'exploit' is misleading (I know it's not your term @WWGD): it is a (series of) vulnerabilities.
  2. No evidence of any attempted exploit involving LogoFAIL has been published.
  3. The vulnerability was discovered by a benign research group sometime in 2023 and disclosed confidentially to vendors: when the discovery was made public on 6 December 2023, BIOS patches were published by all vendors (except Phoenix who in an appalling move jumped the gun on 28 November).
  4. In order to exploit the vulnerability an attacker requires administrator access. Once an attacker has administrator access it is 'game over' as far as security is concerned anyway.

If you follow these two rules you don't need to be afraid of any kind of technical attack on your personal Windows or Mac system*:
  • Keep your system up to date with the latest patches of supported software.
  • Never allow untrusted software to gain administrator access e.g. by saying 'yes' to the "Do you want to allow this app to make changes to your device" dialog unless you are sure that you can trust the relevant app.
* (or Linux if you can be sure of what is 'untrusted software' in this context, and unless you are running a commercial distribution this is very difficult).


Only in the sense that if you lend someone the keys to your house they can take a copy and then they can let themselves in whenever they want that is 'truly scary' - but if you lend someone the keys to your house they can do whatever they want while they are there anyway.

Much more dangerous and scary, and something you do need to be constantly cautious of because there is very little by way of automatic defence that can be put in place are social engineering attacks.

Scary headlines about technical attack surfaces distract the attention of the public from the real threat.
Fair enough; I may have jumped the gun. But Jedi's articles refer to it as a vulnerability only:
"LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years...."
 
I'm still puzzled at how image files can transmit malware.
 
Malicious actors can embed malware code or instructions within the pixels of an image file without visibly altering the image's appearance. This technique is called steganography. The malware may be hidden within the least significant bits of the image's pixels, making it difficult to detect without specialized tools.
 
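An added example, not part of any post in this thread: a pairs-of-values chi-square check a defender can run over pixel data to spot the least-significant-bit embedding described in the reply above. The flat-colour "logo" pixels, the random payload bits and the threshold of 10 are constructed assumptions for illustration.

```python
import random
from collections import Counter

def make_logo_pixels(rng, n=20000):
    """Constructed sample: a logo-like image made of a few flat colours."""
    palette = [16, 90, 200, 255]
    return [rng.choice(palette) for _ in range(n)]

def embed_lsb(pixels, payload_bits):
    """Build the 'suspect' sample: overwrite each pixel's lowest bit."""
    out = list(pixels)
    for i, bit in enumerate(payload_bits[:len(out)]):
        out[i] = (out[i] & 0xFE) | bit
    return out

def pov_chi_square(pixels):
    """Chi-square statistic per degree of freedom over value pairs (2k, 2k+1).

    Overwriting LSBs with random-looking data pushes the counts of 2k and
    2k+1 towards equality, so the statistic drops to about 1. Untouched
    flat-colour artwork keeps very unequal pairs and scores far higher.
    """
    hist = Counter(pixels)
    stat, dof = 0.0, 0
    for k in range(0, 256, 2):
        even, odd = hist[k], hist[k + 1]
        expected = (even + odd) / 2
        if expected < 5:          # ignore pairs with too few samples
            continue
        stat += 2 * (even - expected) ** 2 / expected
        dof += 1
    return stat / dof if dof else float("inf")

def looks_lsb_embedded(pixels, threshold=10.0):
    """Flag images whose pair counts are suspiciously well balanced.

    Only catches embedding that covers most of the image; a short payload
    in a large image needs a windowed version of the same test.
    """
    return pov_chi_square(pixels) < threshold

if __name__ == "__main__":
    rng = random.Random(2023)
    clean = make_logo_pixels(rng)
    payload = [rng.getrandbits(1) for _ in clean]   # stands in for encrypted data
    stego = embed_lsb(clean, payload)
    for name, img in (("clean", clean), ("stego", stego)):
        print(name, round(pov_chi_square(img), 2), looks_lsb_embedded(img))
```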
