'No new vulnerability is needed to bypass UEFI Secure Boot': Experts find attackers can exploit decades-old…
- ESET discovers 11 vulnerable UEFI shim bootloaders signed by Microsoft, allowing attackers to bypass Secure Boot and deploy malicious bootkits
- Any UEFI system trusting Microsoft’s 2011 third‑party certificate could be exposed, potentially billions of devices; attackers can bring old trusted shims to new systems
- Microsoft has revoked the vulnerable shims, and users should apply the latest UEFI revocations (Windows auto‑updates, Linux via LVFS) to block exploitation
Cybersecurity experts from ESET have discovered 11 vulnerable UEFI shim bootloaders, all signed by Microsoft, which could allow threat actors to exploit ancient vulnerabilities and bypass UEFI Secure Boot, deploying all sorts of malicious bootkits.
A shim is a small, intermediary bootloader that works as a bridge between a computer's firmware (UEFI) and the operating system's bootloader. Its primary purpose is to allow operating systems to work with UEFI Secure Boot without having Microsoft sign every Linux bootloader individually.
Any UEFI-based machine...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE