Saturday, August 30, 2008

Password Related Vulnerabilities

Hi All,

There have been a number of vulnerabilities announced recently by iViZ that affect a number of products. These issues are either motherboard BIOS password bypass vulnerabilities, boot loader security model password vulnerabilities (using similar techniques) or disk encryption password vulnerabilities.

The worst reaction to these vulnerabilities was, unfortunately, from the Open Source Software product TrueCrypt (that I know a number of us use), however they have addressed these vulnerabilities in their latest release. A number of vendors have acknowledged these vulnerabilities and are working on fixes. Some have already been fixed.

So, if you use a motherboard, a boot loader or a disk encryption product, please have a look at this site and see if your and/or your clients’ systems may be affected by these issues.

Regards,

The Outspoken Wookie

No comments: