AMI and Microsoft Announce Patch for Systems Deployed with UEFI Test Keys

AMI and Microsoft Announce Patch for Systems Deployed with UEFI Test Keys

AMI in the News, Firmware Security, Tech Blog

To assist in securing AMI’s OEM/ODM partner systems and their customers who have deployed those systems, AMI and Microsoft have released an open-source patch for platforms running AMI’s Aptio® V UEFI BIOS Firmware on Windows® that were produced and put into service with a test version of the Platform Key (PK).

This patch should serve as mitigation to CVE-2024-8105, also referred to as “PKFail”. The mitigation is licensed and distributed as open source, with no guarantee or support from Microsoft, AMI or other affiliates. In the case of multiple system deployment, the patch should be tested prior to installation across all systems.

ODMs, OEMs, CSPs, Tier 2/3 datacenters, and individual users of Aptio V UEFI BIOS can determine if they have a test version of the PK running by leveraging the Windows Powershell script provided with the mitigation.

Downloads of the patch can be found at https://github.com/CERTCC/PKfail/.

About AMI

AMI is Firmware Reimagined for modern computing. As a global leader in Dynamic Firmware for security, orchestration, and manageability solutions, AMI enables the world’s compute platforms from on-premises to the cloud to the edge. AMI’s industry-leading foundational technology and unwavering customer support have generated lasting partnerships and spurred innovation for some of the most prominent brands in the high-tech industry. 

You May Also Like…