Microsoft Patches Surface Flaw Triggered by AI Script
Microsoft has largely fixed a firmware vulnerability in its Surface devices that could render them unusable. The flaw could only be triggered on devices whose owners had already disabled Secure Boot and the Secured-core protections, and it was set off inadvertently by a script generated by Microsoft's own Copilot AI. Microsoft rates the risk as low because of the conditions required to exploit it, but the incident illustrates how AI-generated code that talks directly to hardware can do lasting damage.
Key points
- A firmware flaw in Microsoft Surface devices allowed them to be bricked by a single packet, but only if the Secured-core protections and Secure Boot had been disabled.
- An Australian security researcher's Microsoft Copilot AI, tasked with adjusting screen backlighting, inadvertently created a script that triggered the vulnerability.
- The Copilot script overwrote embedded controller firmware by sending raw commands to the Surface System Aggregator Module (SAM), the device's embedded microcontroller.
- Microsoft has spent roughly 90 days rolling out fixes for the flaw and states that it poses no realistic threat, given the conditions required to exploit it.
- The incident underscores potential hardware risks associated with AI software interacting with system controls.
Microsoft has reportedly addressed a significant firmware vulnerability affecting its Surface line of devices which, under specific conditions, could render the hardware inoperable. For approximately 90 days, the company has been working to patch the flaw, which allowed a device to be "bricked" by a single malicious packet. Exploitation required that the user had first disabled critical security features, namely Secure Boot and the Secured-core protections, so devices in their default configuration were not exposed.
The vulnerability came to light after a security researcher in Australia found that his Surface laptop had become inoperable. The incident occurred when Microsoft's Copilot AI, asked by the researcher to adjust the screen backlight, autonomously generated and executed a series of Python scripts. Rather than using a supported brightness API, these scripts sent raw commands directly to the Surface device's embedded controller, the Surface System Aggregator Module (SAM, also referred to as SSAM).
According to the researcher, the SAM controller implementation on Surface devices lacked sufficient validation of arbitrary write values, so the AI-generated script was able to overwrite essential firmware. Microsoft, however, has downplayed the severity of the issue, stating that a realistic attack scenario is unlikely. A spokesperson noted that exploiting the vulnerability would require interacting with specific drivers and issuing direct commands to a hardware interface, which in turn requires administrative privileges on the device. The practical takeaway for Surface owners is that the exposure hinges on two things they control: leaving Secure Boot and the Secured-core protections enabled, and not granting administrator-level execution to code, AI-generated or otherwise, that has not been reviewed.
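The preconditions Microsoft describes (Secure Boot off, Secured-core protections off, administrator rights) are all things an owner can verify locally. The following PowerShell script is an added example, not code from the article, from the researcher, or from Microsoft; it reports whether the boot-integrity protections are in place, records the UEFI build and the embedded-controller driver version so they can be compared against the current Surface firmware release, and lists any findings. The `Win32_DeviceGuard` service codes are Microsoft's documented values; the `*Surface System Aggregator*` device-name filter used to locate the SAM driver is an assumption about how the driver is labelled and may need adjusting. Run it from an elevated session, since `Confirm-SecureBootUEFI` requires administrator rights.

```powershell
# Added example (not from the article): verifies the boot-integrity protections
# that the article names as preconditions for the Surface firmware bug.
# Run from an elevated PowerShell session on the Surface device itself.

function Test-SurfaceBootProtections {
    [CmdletBinding()]
    param()

    $result = [ordered]@{
        SecureBootEnabled   = $null
        VbsRunning          = $false
        HvciRunning         = $false
        SecureLaunchRunning = $false
        UefiVersion         = $null
        SamDriverVersion    = $null
        Findings            = @()
    }

    # Secure Boot state. Confirm-SecureBootUEFI throws on legacy-BIOS machines
    # and when not running as administrator, so treat an exception as unknown.
    try {
        $result.SecureBootEnabled = [bool](Confirm-SecureBootUEFI)
    } catch {
        $result.Findings += "Secure Boot state could not be read: $($_.Exception.Message)"
    }
    if ($result.SecureBootEnabled -eq $false) {
        $result.Findings += 'Secure Boot is disabled (one of the reported preconditions).'
    }

    # Secured-core building blocks are reported through Win32_DeviceGuard.
    # SecurityServicesRunning codes: 1 = Credential Guard, 2 = HVCI (memory integrity),
    # 3 = System Guard Secure Launch, 4 = SMM firmware measurement.
    # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
    $result.VbsRunning          = ($dg.VirtualizationBasedSecurityStatus -eq 2)
    $result.HvciRunning         = (2 -in $dg.SecurityServicesRunning)
    $result.SecureLaunchRunning = (3 -in $dg.SecurityServicesRunning)
    if (-not $result.HvciRunning) {
        $result.Findings += 'Memory integrity (HVCI) is not running; Secured-core protections are incomplete.'
    }
    if (-not $result.SecureLaunchRunning) {
        $result.Findings += 'System Guard Secure Launch is not running; Secured-core protections are incomplete.'
    }

    # Firmware level: on Surface the SMBIOS BIOS version string is the UEFI build.
    # Compare it against the current release in Windows Update / Surface firmware history.
    $result.UefiVersion = (Get-CimInstance -ClassName Win32_BIOS).SMBIOSBIOSVersion

    # Embedded-controller driver version. The device-name filter is an assumption
    # about how the Surface System Aggregator driver is labelled; adjust if no match.
    $sam = Get-CimInstance -ClassName Win32_PnPSignedDriver |
        Where-Object { $_.DeviceName -like '*Surface System Aggregator*' } |
        Select-Object -First 1
    if ($sam) {
        $result.SamDriverVersion = $sam.DriverVersion
    } else {
        $result.Findings += 'No Surface System Aggregator driver found (not a Surface, or the name filter needs adjusting).'
    }

    [pscustomobject]$result
}

$report = Test-SurfaceBootProtections
$report | Format-List
if ($report.Findings.Count -gt 0) {
    Write-Warning ("{0} finding(s); this device is not in the configuration Microsoft describes as protected." -f $report.Findings.Count)
}
```

An empty `Findings` list means Secure Boot and the Secured-core services are on, which is the configuration under which Microsoft says the bug cannot be triggered; the version fields are there so the device can also be checked for the firmware update itself rather than relying on the mitigations alone.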
Sources
The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.