11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot

Read full story on The Hacker News
Share
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
AI disclosure

Summary

Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the modern firmware standard. "An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware,"

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Get the AFBytes Brief

Major stories, AI-assisted analysis, and what to watch next. Free, monthly, unsubscribe anytime.