Ars Technica

New UEFI vulnerabilities send firmware devs industry wide scrambling

UEFI firmware from five of the leading suppliers contains vulnerabilities that allow attackers with a toehold in a user’s network to infect connected devices with malware that runs at the firmware ...
Bleeping Computer

PixieFail flaws impact PXE network boot in enterprise systems

A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source reference implementation of the UEFI specification widely ...