An unpatched vulnerability in Microsoft Windows Platform Binary Table (WPBT) has been identified by the cybersecurity researchers of Eclypsium.
This bug is continuously attacking all Windows-based devices since Windows 8 could be possibly exploited to install a rootkit as well as to negotiate the integrity of devices.
Moreover, these types of bugs generally make every Windows system weak and unsafe, and threat actors easily-crafts attacks that install fraudulent vendor-specific tables.
WPBT – The OEM Rootkit
However, the Windows Platform Binary Table (WPBT) is an ACPI table that was initially introduced in Windows 8. And ACPI has come with the aim to give the OS more control, WPBT can give the firmware a foothold in the OS.
This functionality was dedicated to let OEMs incorporate the following things:-
Important filesDriversExecutables for the system
And it does not require modifying the Windows image on disk, so, this particular technology has been used by a number of vendors that also include Lenovo, ASUS, and many more.
Read the article