-
PKfail Secure Boot bypass remains a significant risk two months later
Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit malware attacks.
- September 17, 2024
- 09:32 AM
0
-
Microsoft shares temp fix for Linux boot issues on dual-boot systems
Microsoft shared a workaround for Linux boot issues triggered by August security updates on dual-boot systems with Secure Boot enabled
- August 23, 2024
- 02:02 PM
1
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Microsoft confirms August updates break Linux boot in dual-boot systems
Microsoft has confirmed the August 2024 Windows security updates are causing Linux booting issues on dual-boot systems with Secure Boot enabled.
- August 22, 2024
- 12:30 PM
- 4
-
August Windows security update breaks dual boot on Linux systems
According to user reports following this month's Patch Tuesday, the August 2024 Windows security updates are breaking dual boot on some Linux systems with Secure Boot enabled.
- August 20, 2024
- 12:28 PM
- 6
-
PKfail Secure Boot bypass lets attackers install UEFI malware
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.
- July 25, 2024
- 05:42 PM
- 5
-
Phoenix UEFI vulnerability impacts hundreds of Intel PC models
A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw.
- June 20, 2024
- 05:31 PM
- 0
-
Critical flaw in Shim bootloader impacts major Linux distros
A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms.
- February 07, 2024
- 10:55 AM
- 0
-
LogoFAIL attack can install UEFI bootkits through bootup logos
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits.
- November 30, 2023
- 10:08 PM
- 0
-
Microsoft issues optional fix for Secure Boot zero-day used by malware
Microsoft has released security updates to address a Secure Boot zero-day vulnerability exploited by BlackLotus UEFI malware to infect fully patched Windows systems.
- May 09, 2023
- 02:45 PM
- 13
-
MSI breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating system image to run regardless of whether it has a wrong or missing signature.
- January 16, 2023
- 05:02 PM
- 8
-
Windows KB5012170 update causing BitLocker recovery screens, boot issues
Windows users who have installed a new KB5012170 security update for Secure Boot have encountered various issues, ranging from boots failing with BitLocker Recovery prompts to performance issues.
- August 16, 2022
- 07:05 PM
- 11
-
Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass
Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) used by Windows could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads.
- August 12, 2022
- 03:10 PM
- 3
-
New Windows 11 install script bypasses TPM, system requirements
A new script allows you to install Windows 11 on devices with incompatible hardware, such as missing TPM 2.0, incompatible CPUs, or the lack of Secure Boot. Even better, the script also works on virtual machines, allowing you to upgrade to the latest Windows Insider build.
- September 28, 2021
- 10:58 AM
- 9
-
Windows 11 won't work without a TPM - What you need to know
Windows 11 requires a TPM 2.0 security processor to install or upgrade to Windows 11. Unfortunately, mistakes in support documents have causes conflicting information on what type of TPM you need and why you need it in the first place.
- June 25, 2021
- 09:15 AM
- 23
-
Microsoft releases Windows 10 SSU to fix security update issue
Microsoft has released the Windows 10 1909 KB5000850 cumulative update preview and a new KB5001205 Servicing Stack Update that resolves a Secure Boot vulnerability.
- March 26, 2021
- 10:52 AM
- 0
-
GRUB2 boot loader reveals multiple high severity vulnerabilities
GRUB, a popular Linux boot loader project has fixed multiple high severity vulnerabilities.
- March 03, 2021
- 02:37 PM
- 1
-
Windows 10 Secure Boot update triggers BitLocker key recovery
Microsoft has acknowledged an issue affecting Windows 10 customers who have installed the KB4535680 security update that addresses a security feature bypass vulnerability in Secure Boot.
- February 16, 2021
- 12:38 PM
- 1
-
Microsoft fixes Secure Boot bug allowing Windows rootkit installation
Microsoft has fixed a security feature bypass vulnerability in Secure Boot that allows attackers to compromise the operating system's booting process even when Secure Boot is enabled.
- January 13, 2021
- 11:24 AM
- 1
