Firmware News, Articles and Updates

Lenovo patches 14-year-old vulnerability

Lenovo released a patch for a vulnerability introduced 14 years ago via a firmware update by the now-defunct Nortel Networks and its blade server and switch business unit.

Security issue found in AMD's Platform Security Processor

Security researchers have discovered a flaw in the AMD PSP (Platform Security Processor), which could enable hackers to execute code in a security module that stores data such as passwords, certificates, and encryption keys.

Backdoor ships SMS data back to China

A firmware code created by a Chinese company called Adups has been found to be collecting vasts amount of user information and sending it to servers located in China according to US cyber-security firm Kryptowire.

Apple addresses KRACK exploits in AirPort Base Station firmware

Apple has continued to roll out patches to fix the KRACK (Key Reinstallation AttaCKs) series of vulnerabilities, this time in its AirPort Base Station firmware.

Unencrypted requests for updates by NAS exposes users to malicious updates

F-Secure researchers find multiple vulnerabilities in a NAS device that attackers can use to steal data and passwords, or even remotely execute commands.