Rufus, one of my favorite open source tools, is now available in a new version. Rufus 4.7 is a security release that includes new features and non-security fixes.
The developer fixed a side-loading vulnerability in the application that allowed an attacker to load a malicious DLL with escalated privileges.
For this to work, the attacker had to plant the malicious DLL file into the same directory as the Rufus executable. The impact seems low, but it is still good that the issue got fixed.
Here is the info provided on the Rufus Security forum:
A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker to load and execute a malicious DLL with escalated privileges (since the executable has been granted higher privileges during the time of launch) due to the ability to inject a malicious cfgmgr32.dll in the same directory as the executable and have it side load automatically. Versions 4.7 and later are not affected by this vulnerability.
So, it is recommended to update Rufus to the latest version to patch the issue.
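As an added example (not code from the Rufus project or from the article), the following PowerShell audit checks the folder a portable executable runs from for DLLs that shadow Windows system DLLs, which is the pattern behind the cfgmgr32.dll side-load described above. The executable path and the trusted-publisher list are assumptions to adjust for your environment.

```powershell
# Added example, not Rufus project code: flag DLLs sitting next to a portable
# executable that share a name with a DLL in System32 and are not signed by a
# publisher we trust. Such a file would be picked up before the real system DLL.
param(
    [string]$ExePath = "$env:USERPROFILE\Downloads\rufus.exe"   # placeholder path (assumption)
)

$appDir   = Split-Path -Parent (Resolve-Path $ExePath).Path
$system32 = Join-Path $env:SystemRoot 'System32'

# Publishers we expect for legitimately shipped DLLs (assumption; adjust per environment).
$trustedSubjects = @('CN=Microsoft Windows', 'CN=Microsoft Corporation')

Get-ChildItem -Path $appDir -Filter '*.dll' -File | ForEach-Object {
    $dll = $_
    # Does a DLL of the same name exist in System32? If so, this copy shadows it.
    $shadowsSystemDll = Test-Path (Join-Path $system32 $dll.Name)

    # Authenticode check: unsigned or foreign-signed copies of system DLL names are the concern.
    $sig     = Get-AuthenticodeSignature -FilePath $dll.FullName
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
    $trusted = ($sig.Status -eq 'Valid') -and
               [bool]($trustedSubjects | Where-Object { $subject -like "$_*" })

    $verdict = if ($shadowsSystemDll -and -not $trusted) { 'SUSPICIOUS: shadows system DLL, untrusted signer' }
               elseif ($shadowsSystemDll)                { 'shadows system DLL (trusted signer)' }
               else                                       { 'ok' }

    [pscustomobject]@{
        Dll             = $dll.Name
        ShadowsSystem32 = $shadowsSystemDll
        SignatureStatus = $sig.Status
        Signer          = $subject
        Verdict         = $verdict
    }
} | Format-Table -AutoSize
```

Run it against the folder you launch Rufus (or any portable, elevated tool) from; a `SUSPICIOUS` row for a name like cfgmgr32.dll is exactly the planted file the advisory describes.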

Note that the internal update finder may not find the update yet. You can download it manually from the project’s GitHub repository in the meantime.
As far as other features are concerned, there are a handful:
- Ability to detect and download updated DBXs from the official UEFI repository.
- Support for zstd-compressed disk images added.
- Exclusion feature in Settings to “ignore disk with a specific GPT GUID”.
There are also some fixes included; they are listed in the release notes.
Rufus 4.6 never did work for me on Windows 11 24H2; I always received a “USB is in use by another process; please close and try again.” error. Apparently, the program gaining access to the USB was explorer.exe.
When I checked online for a solution, I did find numerous others had the same problem years ago and the developer claimed the issue wasn’t with Rufus, but something else.
One list of fixes, none of which worked for me.
https://www.minitool.com/news/rufus-access-to-device-denied.html
Tried again with a quick .iso download of Windows; worked fine. Guess I can keep it as an emergency “repair” install USB.