Microsoft could finally be cutting down on this security flaw

Sead Fadilpašić

July 27, 2023 at 10:13 AM·2 min read

Defender for IoT, Microsoft’s IoT-oriented antivirus program, is getting a new feature to cut down on firmware attacks. Called Firmware Analysis, the feature does exactly what the name suggests - analyses firmware in embedded Linux devices for vulnerabilities and known weaknesses.

The tool, which is currently in Public Preview, can scan the firmware for devices such as routers, looking for known vulnerabilities like hardcoded user accounts, outof-date open-source packages, or the use of the manufacturer’s private cryptographic signing key.

"Firmware analysis takes a binary firmware image that runs on an IoT device and conducts an automated analysis to identify potential security vulnerabilities and weaknesses," said Microsoft's Derick Naef. "This analysis provides insights into the software inventory, weaknesses, and certificates of IoT devices without requiring an endpoint agent to be deployed."

Analyzing firmware

At the moment, the tool offers different tools that analyze IoT device firmware security such as Software Bill of Materials (lists open-source packages used to build the firmware), CVE Analysis (analyses firmware components for publicly known security flaws), Binary Hardening Analysis (lists binaries compiled without security flags), SSL Certificate Analysis (pinpoints expired and revoked TLS/SSL certificates), Public and Private Key Analysis (verifies public and private cryptographic keys in the firmware), and Password Hash Extraction (checks if the password hashes use secure cryptographic algorithms).

> Microsoft Defender for Endpoint wants to help your employees use iOS devices

> Microsoft Defender Antivirus is getting a new performance mode, but you probably won't ever see it

> Here are the best malware removal tools

Those interested in giving the new tool a spin should head over to “Firmware analysis (preview) in Defender for IoT and upload the firmware image from their endpoint.

"The Defender for IoT Firmware Analysis feature is automatically available if you currently access Defender for IoT using the Security Admin, Contributor, or Owner role," Microsoft says. "If you only have the SecurityReader role or want to use Firmware Analysis as a standalone feature, then your Admin must give the FirmwareAnalysisAdmin role."

Check out the best firewalls around

Yahoo Sports
Former NBA guard Darius Morris dies at 33
Former NBA guard Darius Morris has died at the age of 33. He played for five teams during his four NBA seasons. Morris played college basketball at Michigan.
Yahoo Sports
Caitlin Clark catches fire from 3 in WNBA preseason; Arike Ogunbowale's late heroics send Wings past Fever
Caitlin Clark’s WNBA preseason debut went much like her senior year at Iowa. She hit a bunch of 3s and did so in front of a sold-out crowd.
Yahoo Sports
2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick
Yahoo Sports' Charles McDonald breaks down the Broncos' 2024 draft.
Yahoo Sports
NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?
Which teams did the best in the NFL Draft?
Yahoo Sports
NBA playoffs: Predictions for each second-round series and Game 7 of Cavaliers-Magic
Our NBA staff makes its picks for Knicks-Pacers and every second-round series, plus the only Game 7 of the first round.
Yahoo Sports
Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race
Race organizers say they'll revoke a Trump fundraiser's suite license if he holds an event for the former president on Sunday at the race.
Yahoo Sports
New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal
It turns out the money was going from Ohtani's bank account to an illegal bookie to ... casinos.
Yahoo Sports
The best RBs for 2024 fantasy football according to our analysts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
NFL Draft grades for all 32 teams | Zero Blitz
Jason Fitz and Frank Schwab join forces to recap the draft in the best way they know how: letter grades! Fitz and Frank discuss all 32 teams division by division as they give a snapshot of how fans should be feeling heading into the 2024 season. The duo have key debates on the Dallas Cowboys, New York Giants, New Orleans Saints, Los Angeles Rams, New England Patriots, Las Vegas Raiders and more.
Yahoo Sports
Lakers fire head coach Darvin Ham after just 2 seasons, latest playoff series loss to Nuggets
Despite a trip to the Western Conference finals in his first season with the team, the Lakers are now ready to look for a replacement for Darvin Ham.
Yahoo Finance
CVS stock plunges after earnings numbers one analyst 'did not even believe'
CVS warns it could cede Medicare Advantage market share as reimbursement rates pressure the company.
Yahoo Finance
Warren Buffett pays tribute to Charlie Munger on a 'tough day' for shareholders
This year’s Berkshire Hathaway annual shareholder meeting marked a new era for the Oracle of Omaha, Warren Buffett. It’s the investing legend’s first without his right-hand man, Charlie Munger.
Yahoo Life Shopping
Does castor oil really help with hair growth? We asked the experts, and their answer may surprise you
It's inexpensive, but is it effective? Dermatologists' verdict is in — and it's unanimous.
Yahoo Sports
Diana Taurasi’s trash-talking, in-your-face ways may be a bit of a shock to new WNBA fans
Caitlin Clark fans beware: You never know what the 20-year veteran might say … or do.
TechCrunch
Acura’s new all-electric SUV proves the most expensive model isn’t always the best
The first electric vehicle I ever drove was a Tesla Roadster in 2011. It was with great anticipation that I slid behind the wheel of the 2025 Acura ZDX Type S. Sure, it's a midsize SUV, but it wears the Type S moniker, a name reserved only for the most fun-to-drive in the Acura stable. On launch, the ZDX will be available in A-Spec and Type S trims -- both of which come equipped with a 102 kWh battery.
Yahoo Sports
Wide receiver rankings for fantasy football 2024
The Yahoo Fantasy football analysts reveal their first wide receiver rankings for the 2024 NFL season.
Yahoo Sports
How to watch the 2024 WNBA preseason: Caitlin Clark’s next Indiana Fever game time, channel and more
The WNBA preseason tips off this Friday. Here's how you can catch Caitlin Clark's first game.
Yahoo Sports
Tight end rankings for 2024 fantasy football 2024
The Yahoo Fantasy football analysts reveal their first tight end rankings for the 2024 NFL season.
Yahoo Sports
WWE Backlash France 2024 results, grades and analysis: Cody Rhodes defeats A.J. Styles in first title defense
The Lyon, France crowd was electric start-to-finish in WWE's first major event since WrestleMania 40
Yahoo Sports
Ex-Florida State QB and 1999 Fiesta Bowl starter Marcus Outzen dies at 46
The Seminoles lost 23-16 to Tennessee in the first-ever BCS title game.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Microsoft could finally be cutting down on this security flaw

Analyzing firmware

Recommended Stories

Former NBA guard Darius Morris dies at 33

Caitlin Clark catches fire from 3 in WNBA preseason; Arike Ogunbowale's late heroics send Wings past Fever

2024 NFL Draft grades: Denver Broncos earn one of our lowest grades mostly due to one pick

NFL Power Rankings, draft edition: Did Patriots fix their offensive issues?

NBA playoffs: Predictions for each second-round series and Game 7 of Cavaliers-Magic

Formula 1: Miami Grand Prix sends cease and desist letter to prevent Donald Trump fundraiser during race

New details emerge in alleged gambling ring behind Shohei Ohtani-Ippei Mizuhara scandal

The best RBs for 2024 fantasy football according to our analysts

NFL Draft grades for all 32 teams | Zero Blitz

Lakers fire head coach Darvin Ham after just 2 seasons, latest playoff series loss to Nuggets

CVS stock plunges after earnings numbers one analyst 'did not even believe'

Warren Buffett pays tribute to Charlie Munger on a 'tough day' for shareholders

Does castor oil really help with hair growth? We asked the experts, and their answer may surprise you

Diana Taurasi’s trash-talking, in-your-face ways may be a bit of a shock to new WNBA fans

Acura’s new all-electric SUV proves the most expensive model isn’t always the best

Wide receiver rankings for fantasy football 2024

How to watch the 2024 WNBA preseason: Caitlin Clark’s next Indiana Fever game time, channel and more

Tight end rankings for 2024 fantasy football 2024

WWE Backlash France 2024 results, grades and analysis: Cody Rhodes defeats A.J. Styles in first title defense

Ex-Florida State QB and 1999 Fiesta Bowl starter Marcus Outzen dies at 46