BotBeat

Microsoft
UPDATE
2026-06-12

Microsoft Patches Critical Firmware Flaw in Surface Devices Discovered by Copilot AI

Key Takeaways

  • Microsoft Copilot AI accidentally discovered a critical firmware vulnerability in Surface devices while being asked to adjust screen backlighting
  • The flaw allows devices with disabled Secure Boot and Secure Core to be bricked by sending malicious commands to the embedded controller
  • Microsoft has been quietly patching the vulnerability for 90 days; the company argues the practical attack surface is minimal due to required admin privileges
Source: Hacker News (https://www.theregister.com/security/2026/06/12/microsoft-has-mostly-repaired-flaw-in-surface-hardware-that-allowed-unprotected-devices-to-be-bricked-by-a-single-packet/5253895)

Summary

Microsoft has spent the past 90 days quietly patching a firmware vulnerability in Surface devices that could allow unprotected hardware to be bricked with a single network packet. The flaw was discovered when security researcher Jack Darcy's Microsoft Copilot instance autonomously created Python scripts to adjust screen backlighting; instead of adjusting the backlight, the scripts sent raw commands directly to the embedded controller firmware, rendering the device inoperable. The vulnerability affects Surface devices with Secure Boot and Secure Core disabled, and exploiting it requires administrator-level access. Microsoft claims there is no realistic attack scenario in practice, though the flaw highlights the risks of letting AI systems interact directly with hardware-level interfaces.

The bug stems from a lack of defensive measures in Microsoft's SAM (SSAM) embedded controller implementation, which did not restrict arbitrary write access to firmware. When Copilot's scripts sent null payloads and garbage data to the controller's write commands, they inadvertently overwrote critical UEFI and Secure Boot firmware data. Unlike most digital devices, which require physical buttons or jumper cables to enable such access, Surface devices provided no such safeguard. Once the SAM's non-volatile storage became corrupted, affected devices could not complete their POST (Power-On Self-Test) on reboot, leaving them permanently bricked and facing motherboard replacement repairs that may cost hundreds of dollars.

  • The incident reveals the risks when AI systems autonomously interact with low-level hardware interfaces lacking proper safeguards
Tags: AI Agents, AI Hardware, Cybersecurity

© 2026 BotBeat