Microsoft Patches Critical Firmware Flaw in Surface Devices Exposed by Copilot

Microsoft has addressed a firmware vulnerability in Surface devices that allowed them to be bricked by a single malformed packet. The flaw was identified when Microsoft Copilot inadvertently generated a Python script that overwrote the embedded controller firmware while attempting to adjust screen backlight settings. This issue primarily affects Surface devices with Secure Core and Secure Boot disabled. Microsoft claims that exploitation requires administrator privileges and specific driver interactions, making it less likely to be a practical threat. However, the absence of security checks in the firmware allowed Copilot to execute arbitrary writes, leading to device inoperability upon reboot. The vulnerability has been a topic of discussion in online support forums for Surface devices. Microsoft has been patching this issue over the past 90 days, and the current status indicates that the flaw has mostly been repaired.

Key Points:
• A firmware flaw in Microsoft Surface devices allowed bricking via a single packet.
• The vulnerability was revealed by Microsoft Copilot during a routine backlight adjustment.
• Microsoft has mostly patched the issue, but exploitation requires specific conditions.

ThreatCluster AI

Timeline

2026-03-12: Vulnerability discovered
Jack Darcy found the firmware flaw while using Microsoft Copilot to adjust screen backlighting. (Theregister)

2026-06-12: Microsoft announces patch
Microsoft confirmed that it has mostly repaired the firmware flaw affecting Surface devices. (Theregister)

Recent: Common complaints noted
The issue has been frequently reported in online support forums for Surface devices over the years. (Theregister)
