Microsoft Patches Windows To Eliminate Secure Boot Bypass Threat (arstechnica.com)
Microsoft has patched a Windows vulnerability that allowed attackers to bypass Secure Boot, a critical defense against firmware infections, the company said. The flaw, tracked as CVE-2024-7344, affected Windows devices for at least seven months. Security researcher Martin Smolar discovered the vulnerability in a signed UEFI application within system recovery software from seven vendors, including Howyar.
The application, reloader.efi, circumvented standard security checks through a custom PE loader. Administrative attackers could exploit the vulnerability to install malicious firmware that persists even after disk reformatting. Microsoft revoked the application's digital signature, though the vulnerability's impact on Linux systems remains unclear.
“Secure Boot” yeah right (Score:2)
Re: (Score:2, Insightful)
The ONLY thing secure boot secures is Microsoft another revenue stream. Nothing is proven about anything other than someone paid M$ to sign some code.
It is literally just cartel behavior.
Re: (Score:3)
Yeah, in all seriousness - I'm kind of flabbergasted by this. The fact that it's even possible for a Windows-based exploit to bypass "Secure Boot" tells us that Secure Boot is more or less a scam.
Re: (Score:2)
Yeah, in all seriousness - I'm kind of flabbergasted by this. The fact that it's even possible for a Windows-based exploit to bypass "Secure Boot" tells us that Secure Boot is more or less a scam.
It's not a bug - it's a feature. How else are the bad guys going to get the access they need?
The example (Score:2)
Whose very claimed Secure boot is not at all secure.
It is difficult to have much sympathy for its users who still use it after Secure boot is not secure. Such a weak system means that either the users and companies that continue to use Windows are brain dead, or do not care about security at all.
Enjoy getting Pwned,
Re: (Score:2)
Yeah, I've been (historically) jumping through all the extra hoops to keep Secure Boot enabled on our Linux servers and (especially) student workstations, taking the extra steps to get GPU drivers working with it, etc. etc. Now I'm wondering why I've bothered.
It seems to me that, at least on those machines where other people have physical access (and can log in), this exploit tells me Secure Boot isn't really making them any more secure.
If someone wants to argue the other way, I'll certainly be interested t
Re: (Score:2)
Yeah, I've been (historically) jumping through all the extra hoops to keep Secure Boot enabled on our Linux servers and (especially) student workstations, taking the extra steps to get GPU drivers working with it, etc. etc. Now I'm wondering why I've bothered.
It seems to me that, at least on those machines where other people have physical access (and can log in), this exploit tells me Secure Boot isn't really making them any more secure.
If someone wants to argue the other way, I'll certainly be interested to listen.
And just imagine the other surprises Windows will serve us with. Some vulnerabilities can happen, sure. But this is pretty egregious.
When secure code goes rogue (Score:2)