Forgotten Microsoft-Signed Bootloaders Let Hackers Bypass Secure Boot For 11 Years
As it turns out, the batch of expiring Secure Boot certificates isn't the only Secure Boot-related concern that Microsoft and the public need to worry about this year. ESET Researchers have uncovered 11 vulnerable UEFI shim bootloaders signed and forgotten by Microsoft for a decade. The nature of these shims allows them to be flashed on any PC with Microsoft's third-party UEFI certificate installed, which then opens the PC to rootkits and other forms of hard-to-remove malware.
UEFI shims are most commonly associated with Linux, as they're minimal first-stage bootloaders that Microsoft signs so they can boot under Secure Boot. As a result, the affected shims primarily come from various Linux distributions, although similar signed binaries are also used by some UEFI utilities and diagnostic tools. The issue isn't that these components contain newly discovered vulnerabilities. Instead, they involve previously disclosed flaws that have already been patched upstream. Older vulnerable...
Copyright of this story solely belongs to hothardware.com. To see the full text click HERE