◆ NeutralMSFT
ESET Research discovers vulnerable UEFI shims undermining devices’ Secure Boot
GlobeNewswire Inc.·
ESET researchers discovered 11 old Microsoft-signed UEFI shim bootloaders with decade-old vulnerabilities that allow attackers to bypass UEFI Secure Boot on most UEFI-based systems. The vulnerable binaries, found in versions 0.9 and below from various software packages including PC-diagnostic tools and Linux distributions, have been revoked by Microsoft. Attackers can exploit these to deploy malicious UEFI bootkits even on systems with Secure Boot enabled, regardless of installed OS.
Read Full Article at GlobeNewswire Inc. →