Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows 8 that could be potentially exploited to install a rootkit and compromise the integrity of devices.
“These flaws make every Windows system vulnerable to easily-crafted attacks that install fraudulent vendor-specific tables,” according to security researchers. “These tables can be exploited by attackers with direct physical access, with remote access, or through manufacturer supply chains. More importantly, these motherboard-level flaws can obviate initiatives like Secured-core because of the ubiquitous usage of ACPI [Advanced Configuration and Power Interface] and WPBT.”
In response to the findings, Microsoft has recommended using a Windows Defender Application Control (WDAC) policy to tightly restrict what binaries can be permitted to run on the devices.
While there is no single way to prevent being targeted, BW Cyber Services can help you review your security configurations to ensure all necessary and appropriate protections are in place. Furthermore, we can assess the risks in your organization, review your response plans, conduct phishing campaigns and penetration testing, and we offer a variety of other services to meet your cybersecurity needs. For more information on how BW Cyber Services can assist you, please contact us at firstname.lastname@example.org.