Microsoft fixes Surface firmware vulnerability that could brick devices
2026-06-15 15:46

en.Wedoany.com Reported - Australian security researcher Jack Darcy discovered a firmware vulnerability in Microsoft Surface devices that allows a single packet to brick the device, but only if the user has disabled Secure Core and Secure Boot. Microsoft's Copilot AI software played a key role in this discovery.

Darcy explained to the media that his instance of Microsoft Copilot accidentally triggered the vulnerability when asked to adjust the screen backlight of a Surface device. The Python script generated by Copilot ultimately overwrote the embedded controller firmware, rendering the laptop inoperable. During the process of probing backlight control values, Copilot autonomously created and executed four progressively aggressive Python scripts that sent raw SSAM ioctl commands (SSAM_CDEV_REQUEST = 0xC028A501) to the SAM microcontroller via the SAM software path. SAM, or SSAM, is the embedded controller used in Surface devices, and Microsoft's implementation on this controller lacks a defense mechanism against arbitrary write values.

Microsoft does not consider this vulnerability to pose a real threat. A spokesperson stated that successfully exploiting the vulnerability would require an attacker to interact with specific drivers and send commands to the hardware interface, while also needing administrator privileges and disabling the Secure Boot feature.

Darcy noted that devices typically require pressing a button or connecting a jumper before arbitrary write access to firmware is enabled, but Surface devices lack this safety check, which allowed Copilot to corrupt the firmware in the absence of Secure Core and Secure Boot. The probing triggered a SAM update command, overwriting the UEFI and Secure Boot firmware. Affected Surface devices fail to initialize on reboot and cannot complete a power-on self-test.

The Python script written by Copilot on Darcy's Surface device blindly iterated over specific target categories and command IDs (CIDs), sending empty payloads to the WRITE command. As a result, SET Feature Report and Output Report were invoked with empty payloads, and other CIDs were hit by SET commands writing garbage data, rendering the device inoperable. According to reports, devices rendered non-functional due to SAM access are permanently bricked and require motherboard replacement.

Darcy stated that the SAM bus design is flawed, with a dangerous interleaving of CIDs. Reads and writes are interleaved in the same numbering space without a safe probing range, and scanning two consecutive CIDs carries a 50% risk of hitting a write command.
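To make the one concrete value in this report checkable, here is an added example (not code from Darcy, Microsoft or the article): it decodes the quoted request number SSAM_CDEV_REQUEST = 0xC028A501 into the Linux ioctl fields, and counts per process how many such requests a constructed strace-style trace sends to the aggregator device, so a blind sweep of target categories and CIDs stands out from a tool issuing a handful of requests. The device path /dev/surface/aggregator, the pid-prefixed trace format and the sample lines are assumptions not stated in the article.

```python
import re

# Linux ioctl number layout (asm-generic/ioctl.h): bits 0-7 nr, 8-15 type, 16-29 size, 30-31 dir
_IOC_DIRS = {0: "none", 1: "write", 2: "read", 3: "read|write"}

# Request number quoted in the article for the Surface aggregator ioctl.
SSAM_CDEV_REQUEST = 0xC028A501
# Assumption: device node exposed by the Linux surface_aggregator_cdev driver.
SSAM_DEVICE = "/dev/surface/aggregator"
# strace-style patterns: learn which fd was opened on which path, then match ioctls.
_OPEN_RE = re.compile(r'openat\([^,]+, "([^"]+)"[^)]*\)\s*=\s*(\d+)')
_IOCTL_RE = re.compile(r"ioctl\((\d+), (0x[0-9a-fA-F]+)")

def decode_ioctl(cmd: int) -> dict:
    """Split an ioctl request number into its direction/type/nr/size fields."""
    return {
        "dir": _IOC_DIRS[(cmd >> 30) & 0x3],
        "type": (cmd >> 8) & 0xFF,
        "nr": cmd & 0xFF,
        "size": (cmd >> 16) & 0x3FFF,
    }

def count_ssam_requests(lines) -> dict:
    """Return {pid: count} of SSAM_CDEV_REQUEST ioctls sent to the aggregator device.
    Hundreds from one pid is the blind CID sweep the article describes, not the
    handful a legitimate backlight or battery tool would issue."""
    fd_paths = {}  # (pid, fd) -> path
    counts = {}
    for line in lines:
        pid, _, call = line.partition(" ")  # strace -f prefixes each line with the pid
        m = _OPEN_RE.search(call)
        if m:
            fd_paths[(pid, m.group(2))] = m.group(1)
            continue
        m = _IOCTL_RE.search(call)
        if m and int(m.group(2), 16) == SSAM_CDEV_REQUEST:
            if fd_paths.get((pid, m.group(1))) == SSAM_DEVICE:
                counts[pid] = counts.get(pid, 0) + 1
    return counts

# Constructed sample trace in strace -f style; not captured from a real device.
SAMPLE_TRACE = [
    '4242 openat(AT_FDCWD, "/dev/surface/aggregator", O_RDWR|O_CLOEXEC) = 3',
    "4242 ioctl(3, 0xc028a501, 0x7ffc0a1b2c30) = 0",
    "4242 ioctl(3, 0xc028a501, 0x7ffc0a1b2c30) = 0",
    "4242 ioctl(3, 0xc028a501, 0x7ffc0a1b2c30) = 0",
    '4243 openat(AT_FDCWD, "/dev/tty", O_RDWR) = 3',
    "4243 ioctl(3, 0xc028a501, 0x7ffc0a1b2c30) = -1 ENOTTY (Inappropriate ioctl for device)",
]
```

The decoded fields (read|write direction, type 0xA5, nr 1, 40-byte argument) are what the request number alone tells you; the per-process count is the signal to alert on, and the same fd bookkeeping keeps an identical request number on an unrelated device from counting.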

The Register inquired with Microsoft about this matter on March 10, 2026. A company spokesperson suggested that researchers contact the Microsoft Security Response Center (MSRC). On March 12, with the help of Microsoft's media relations, Darcy had a conversation with Madeline Eckert, a senior program manager at MSRC. Microsoft acknowledged the vulnerability and committed to releasing a fix. Most affected devices have already been updated via Windows Update or will receive updates in the coming weeks. Microsoft stated that the issue does not meet the bar for a CVE assignment.

Users running Linux, Windows users who have disabled Secure Core and Secure Boot for gaming, users running custom Windows drivers, or users who have enabled USB booting may still be vulnerable if their systems have not yet received the update. Sources indicate that all Surface devices (Surface Laptops 3-6, Surface Book 1-3) except the Surface Go models are affected, and ARM variants have not yet been tested.

In parallel with the fix, Microsoft plans to migrate the Surface stack to Rust. David Abzarian, Microsoft's Principal Architect for Surface, stated that future Surface for Business hardware will transition to a more secure architecture based on Rust code, covering embedded controllers, UEFI, and some drivers. Microsoft is building embedded controller firmware and UEFI DXE cores in Rust through the Secure EC and Project Patina initiatives, and is helping to develop the Windows Drivers in Rust (WDR) framework.

Darcy commented that the ability to irreversibly destroy a device from user space is an interesting design decision. He praised the Microsoft Surface series but hopes for more innovation in validating incoming data at the firmware layer. Microsoft provided Darcy with a Surface laptop as a token of appreciation.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com