Firmware

Microsoft Surface Brick Flaw: Single Packet DoS Patched

🟠 High | Source: The Register — Security A vulnerability in Microsoft Surface hardware allowed an unpatched device to be permanently bricked by sending a single malicious network packet. The flaw was reportedly exposed inadvertently by Microsoft’s own Copilot AI. Microsoft has largely addressed the issue, though the word ‘mostly’ in the disclosure suggests remediation may not be complete across all affected hardware. Security Architect’s Take: Ensure all Surface devices in your estate have received the latest firmware updates immediately, and review endpoint management policies to confirm firmware patching is enforced through Intune or equivalent MDM. Given the DoS-via-single-packet nature of this flaw, also assess whether Surface devices are adequately isolated from untrusted network segments. ...

+++ title = "Subscribe to ZX Cloud Security" description = "Get daily cloud security advisories, CVEs, and threat intelligence for AWS, GCP and Azure architects — delivered to your inbox every morning." slug = "subscribe" draft = false +++ <div style="max-width: 560px; margin: 2rem auto; text-align: center;"> <p style="font-size: 16px; line-height: 1.7; margin-bottom: 1.5rem;"> Join cloud security architects and engineers who start every morning with the ZX Cloud Security daily digest — Critical and High severity advisories across AWS, Azure and GCP, each with a practical <strong>Security Architect's Take</strong> on what to do about it. </p> <ul style="text-align: left; display: inline-block; margin-bottom: 2rem; line-height: 2;"> <li>🔴 Critical and High advisories prioritised first</li> <li>🤖 AI-enriched with architect-level context</li> <li>☁️ Covers AWS, Azure, GCP and general security</li> <li>📬 Delivered daily at 06:00 UTC</li> <li>✅ Free. No spam. Unsubscribe anytime.</li> </ul> <form action="https://buttondown.com/api/emails/embed-subscribe/zxcloudsecurity" method="post" style="display: flex; flex-direction: column; align-items: center; gap: 0.75rem;" > <input type="email" name="email" id="bd-email" placeholder="your@email.com" required style="width: 100%; max-width: 360px; padding: 0.75rem 1rem; border-radius: 6px; border: 1px solid var(--border); background: var(--entry); color: var(--primary); font-size: 15px;" /> <input type="submit" value="Subscribe — it's free" style="width: 100%; max-width: 360px; padding: 0.75rem 1rem; border-radius: 6px; background: var(--primary); color: var(--theme); border: none; cursor: pointer; font-size: 15px; font-weight: 500;" /> </form> <p style="font-size: 12px; color: var(--secondary); margin-top: 1rem;"> Powered by <a href="https://buttondown.com" target="_blank" style="color: var(--secondary);">Buttondown</a>. Your email is used solely for sending the ZX Cloud Security digest. </p> </div>