Browsing tag
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly, “can be used by threat actors to deliver a malicious payload and bypass Secure Boot, Intel Boot […]
Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines. Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G. The PC maker described the vulnerability as […]
PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. “The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS,” Slovak cybersecurity firm ESET explained in a series […]
A security feature bypass vulnerability has been uncovered in three signed third-party Unified Extensible Firmware Interface (UEFI) boot loaders that allow bypass of the UEFI Secure Boot feature. “These vulnerabilities can be exploited by mounting the EFI System Partition and replacing the existing bootloader with the vulnerable one, or modifying a UEFI variable to load […]
Keys to BYPASS UEFI secure boot Microsoft accidentally leaked the Secret keys to BYPASS UEFI secure boot that allow hackers to unlock devices protected by UEFI (Unified Extensible Firmware Interface) Secure Boot feature. Secure Boot is a security feature that protects your device from certain types of malware, such as a rootkit, which can hijack your […]
Short Bytes: Two researchers reported that Microsoft accidently compromised the golden keys to its UEFI Secure boot feature. The golden keys allow the developer to bypass the Window boot manager check and install a non-Microsoft OS on the machine. Microsft has released two patches to rectify the mistakes since then. It’s almost a week since […]
Redmond races to revoke Secure Boot debug policy. Microsoft leaked the golden keys that unlock Windows-powered tablets, phones and other devices sealed by Secure Boot – and is now scrambling to undo the blunder. These skeleton keys can be used to install non-Redmond operating systems on locked-down computers. In other words, on devices that do not […]