logoalt Hacker News

drdexebtjltoday at 1:48 AM2 repliesview on HN

I wish the author went into a bit more detail about how MSI fixed it, as is usual in write ups like this.

It left me thinking maybe the patch introduced a different vulnerability that’s still under an embargo :)


Replies

ashiknstoday at 8:11 AM

Video by GN has a little bit of info (but not a lot). Basically they made it so that the pipes only accept input from MSI signed software + the pipes can only invoke MSI signed executables.

https://youtu.be/Eck8NnoaD4M

show 1 reply
KennyBlankentoday at 2:02 AM

More likely MSI just being MSI. They're infamous for being far more concerned about image than most vendors so don't expect much info.