Firmware Security
The latest Firmware Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft’s July 2026 Surface Firmware Update Closes a High-Severity Privilege Escalation Hole (CVE-2026-48581)
On July 14, 2026, Microsoft disclosed CVE-2026-48581, a local elevation-of-privilege vulnerability in the firmware of multiple Surface devices. Rated 7.8 on the CVSS scale (High), the bug could allow...
Expired Secure Boot Certificates Spark Microsoft's Auto-Update Expansion: What Windows 10 Users Need to Know
On June 24, a foundational layer of security protecting millions of Windows 10 PCs expired, forcing Microsoft to accelerate an automated certificate-renewal push that same day. The Secure Boot...
CISA Advisory: CubeSpace CW0057 Firmware Vulnerability Allows Malicious Code Injection
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent industrial control systems advisory on July 2, 2026, warning that satellite reaction wheels manufactured by CubeSpace...
AMD Brings TSME Back to Non-PRO Ryzen 9000 CPUs: BIOS Fix Arrives July 2026
AMD has confirmed it will restore the Transparent Secure Memory Encryption (TSME) BIOS option, branded as AMD Memory Guard, on select non-PRO Ryzen 9000 desktop processors. The update, set to roll...
Secure Boot Certificate Upgrade: 2011 Keys Expire 2026—Act Now
Every Windows PC that relies on Secure Boot faces a hard deadline in the summer of 2026. On July 1, 2026, the root certificate that has authenticated the Windows boot process since the days of...
Microsoft CTO Uses Claude AI to Decompile 6502 Binary, Uncovering Firmware Vulnerabilities
Microsoft Azure CTO Mark Russinovich has demonstrated a breakthrough in AI-powered security analysis by feeding a four-decade-old Apple II binary into Anthropic's Claude Opus 4.6. The AI model...
Microsoft CTO's Apple II Demo Shows LLMs Can Decompile Firmware at Scale, Raising Security Concerns
Mark Russinovich, Microsoft Azure's chief technology officer, has repurposed a 40-year-old Apple II utility he wrote as a teenager into a demonstration that reveals modern large language models can...
Microsoft's Russinovich Uses Apple II Demo to Expose AI's Firmware Reverse-Engineering Threat
Mark Russinovich's thirty-plus-year-old Apple II utility has become an unlikely canary in a rapidly evolving threat: modern large language models can reverse engineer raw machine code and surface...
Windows 11 Secure Boot Certificate Refresh: Microsoft's 2023 CA Rollout Explained
Microsoft has initiated a critical, platform-wide refresh of the cryptographic certificates that protect Windows 11's pre-boot environment, delivering new Secure Boot certificates through Windows...
USR W610 Serial Gateway ICS Vulnerabilities: Critical Security Alert for Industrial Networks
A high-severity Industrial Control Systems (ICS) security advisory has been issued for Jinan USR IOT Technology's USR-W610 serial-to-Wi-Fi/Ethernet converter, revealing four critical vulnerabilities...
Pre-OS Takeover: U-Boot’s Unpatched Network Bug Threatens Embedded Devices Everywhere
{ "title": "Pre-OS Takeover: U-Boot’s Unpatched Network Bug Threatens Embedded Devices Everywhere", "content": "The network packet arrived before the device had even loaded its operating...
CVE-2021-28216 Explained: UEFI Firmware Vulnerability & Windows Security Fixes
A critical vulnerability in UEFI firmware implementations has exposed millions of Windows devices to potential exploitation, with CVE-2021-28216 representing a fundamental flaw in how boot firmware...