Home/News/11 Microsoft-Signed Linux UEFI Shims Bypass Secure Boot
The Hacker News2 min read

By Interestana AI Editorial — AI-drafted, human-overseen. How we report

11 Microsoft-Signed Linux UEFI Shims Bypass Secure Boot

11 Microsoft-Signed Linux UEFI Shims Bypass Secure Boot

Cybersecurity researchers identified 11 older Microsoft-signed Unified Extensible Firmware Interface (UEFI) applications that can be exploited to bypass Secure Boot on systems utilizing the modern firmware standard. The vulnerability allows an attacker to execute untrusted code during the system's boot process. This could enable the deployment of malicious UEFI bootkits or other forms of malware, effectively compromising the integrity of the boot sequence.

These vulnerable shims were found to be signed by Microsoft, meaning they were trusted by the Secure Boot mechanism. Secure Boot is a security feature designed to ensure that only trusted software loads during the boot process, preventing unauthorized code from running before the operating system starts. The discovery highlights a significant flaw in the trust chain that underpins system security.

The researchers detailed their findings in a report, emphasizing that the exploitation of these shims could lead to persistent threats that are difficult to detect and remove. The specific applications involved are older versions, but their continued presence and Microsoft's signature on them create a widespread risk. The implications extend to a broad range of Linux distributions and hardware that rely on UEFI Secure Boot for protection against firmware-level attacks.

While the exact number of affected systems is not specified, the broad applicability of UEFI Secure Boot suggests a substantial potential attack surface. The researchers have not yet disclosed the specific names of the 11 shims, but their work points to a critical need for ongoing vigilance in reviewing and revoking trust for legacy components, even those signed by reputable entities like Microsoft. This incident underscores the importance of maintaining up-to-date security configurations and promptly addressing vulnerabilities in foundational system components.

Original source — read the full reporting at the publisher:

Read on The Hacker News

Get the weekly AI digest

AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.

Read next