Supermicro, Pulse Secure release fixes for 'TrickBoot' attacks


Level 74
Content Creator
Malware Hunter
Aug 17, 2014
Supermicro and Pulse Secure have released advisories warning that some of their motherboards are vulnerable to the TrickBot malware's UEFI firmware-infecting module, known as TrickBoot.
Last year, cybersecurity firms Advanced Intelligence and Eclypsium released a joint report about a new malicious firmware-targeting 'TrickBoot' module delivered by the notorious TrickBot malware.
In an advisory released today, Supermicro is warning that some of their X10 UP motherboards are vulnerable to the TrickBoot malware and have released a 'critical' BIOS update to enable write protection.
"Supermicro is aware of the Trickboot issue which is observed only with a subset of the X10 UP motherboards. Supermicro will be providing a mitigation for this vulnerability," Supermicro warned today in a security advisory. [...]
Pulse Secure also issued an advisory as their Pulse Secure Appliance 5000 (PSA-5000), and Pulse Secure Appliance 7000 (PSA-7000) devices run on vulnerable Supermicro hardware. [...]