Re: The real solution
Two things come to mind.. Why so long between vulnerability and detection? And how can we be sure fancy bear isn't just a drop bear in drag. And this shows there are.. problems with UEFI
If I were really paranoid, I would suspect that this has been in the wild since maybe 2010 but only used on highly targeted, high value targets. From the description, there's no telling how long it's been out there and there's no real fix except as the article mentioned.
Biting the hand that feeds IT
