UEFI Vulnerabilities Galore

In a recent session before the House Committee on Appropriations, Subcommittee on Transportation, Housing and Urban Development, Acting Administrator of the US Federal Aviation Administration (FAA), Christopher Rocheleau, presented a compelling case for the agency’s fiscal year 2026 budget request. The FAA is seeking an allocation of .0 billion, which would be in addition to a previously committed .0 billion, aimed at addressing critical infrastructure needs.

Modernizing Outdated Systems

Rocheleau’s written testimony highlighted the urgent necessity for modernization, particularly concerning the FAA’s telecommunications infrastructure. Currently, the air traffic control (ATC) system is burdened by antiquated technology, relying on methods that many would consider relics of the past. For instance, the system still utilizes paper strips for tracking aircraft locations, floppy disks for data transfer, and computers operating on Windows 95.

This situation underscores the complexity of replacing such a vital control system, which operates continuously throughout the year. The FAA has set an ambitious four-year timeline for this overhaul, yet the challenges are significant. Any outages in the system pose serious risks to aviation safety, making the stakes incredibly high.

In addition to the ATC system, Rocheleau emphasized the need to replace the existing radar system and transition from traditional point-to-point hardwired circuits to a more modern IP-based network. This shift not only involves technical upgrades but also necessitates careful consideration of security measures, including encryption, multi-factor authentication (MFA), and ongoing monitoring and maintenance.

Moreover, the operational dynamics of the new system must be evaluated. For instance, the question arises whether operators will log in individually to workstations or whether shared accounts will be employed. This decision carries implications for both security and usability, since frequent logins and logouts could hamper operational efficiency.
