NSA-Inspired Vulnerability Found in Huawei Laptops

2019-03-29T11:11:13
ID SCHNEIER:BE8D4E62479D6CE40241C6FA2B4016EE
Type schneier
Reporter Bruce Schneier
Modified 2019-03-29T11:11:13

Description

This is an interesting story of a serious vulnerability in a Huawei driver that Microsoft found. The vulnerability is similar in style to the NSA's DOUBLEPULSAR that was leaked by the Shadow Brokers -- believed to be the Russian government -- and it's obvious that this attack copied that technique.

What is less clear is whether the vulnerability -- which has been fixed -- was put into the Huwei driver accidentally or on purpose.