Bricked By It’s Own LLM’s Commands
Redmond found a new way to make use of Copilot, a way to brick Microsoft Surface devices with a single packet under certain circumstances. They’ve been quietly pushing BIOS updates to fix the issue, which is unlikely to ever occur in the wild but is still an impressive flaw. If Secure Boot is disabled, which takes out Secure Core as well, an unpatched Microsoft Surface could overwrite it’s own UEFI and Secure Boot firmware and render it impossible to POST. Although the chances of this happening are rather low, the damage it could cause is significant.
The problem was discovered thanks to a Copilot-conjured Python script to adjust the screen backlighting on a Microsoft Surface and the vibe coded script instead bricked the entire device. It turns out these devices depend entirely on Secure Boot to prevent the hardware controller in Microsoft Surface devices from dumping arbitrary write values into the UEFI or other places it shouldn’t.
The Register has heard tell of issues like this before, and while they couldn’t confirm this scenario is what bricked those machines, once you install this new BIOS you can at least be sure this specific bug won’t brick your device.
