SecureBoot broken on many popular computers

Started by ky331, July 26, 2024, 10:47:29 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

ky331

The following was excerpted from https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/

In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect against a long-looming malware security threat that could infect the BIOS firmware that loaded the operating system each time a computer booted up.  Built into UEFI, Secure Boot used public-key cryptography to block the loading of any code that wasn't signed with a pre-approved digital signature.

On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022.

See the article (link above) for a list of affected models.

----------------------------------

See also:  https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/