
Microsoft Patches Windows To Eliminate Secure Boot Bypass Threat (arstechnica.com)

Microsoft has patched a Windows vulnerability that allowed attackers to bypass Secure Boot, a critical defense against firmware infections, the company said. The flaw, tracked as CVE-2024-7344, affected Windows devices for at least seven months. Security researcher Martin Smolar discovered the vulnerability in a signed UEFI application within system recovery software from seven vendors, including Howyar.

The application, reloader.efi, circumvented standard security checks through a custom PE loader. Administrative attackers could exploit the vulnerability to install malicious firmware that persists even after disk reformatting. Microsoft revoked the application's digital signature, though the vulnerability's impact on Linux systems remains unclear.
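The revocation the summary mentions is delivered to the firmware as entries in the Secure Boot dbx variable, which is a sequence of EFI_SIGNATURE_LIST structures. The parser below is an added example (not code from the article, Microsoft or ESET) that walks that format and checks whether a given Authenticode SHA-256 is on the forbidden list; the sample dbx and the owner GUID are constructed here, not the real CVE-2024-7344 entries.

```python
import hashlib
import struct
import uuid

# Entry-type GUIDs defined by the UEFI specification
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
HEADER_LEN = 28  # SignatureType GUID (16) + three UINT32 fields


def parse_signature_lists(blob):
    """Walk a db/dbx variable body: a run of EFI_SIGNATURE_LIST structures.
    Yields (type_guid, owner_guid, signature_data) for every entry and
    refuses malformed sizes instead of silently skipping data."""
    off = 0
    while off < len(blob):
        if len(blob) - off < HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < HEADER_LEN + hdr_size or off + list_size > len(blob):
            raise ValueError("bad SignatureListSize")
        if sig_size <= 16:  # each entry is SignatureOwner GUID + data
            raise ValueError("bad SignatureSize")
        pos, end = off + HEADER_LEN + hdr_size, off + list_size
        if (end - pos) % sig_size:
            raise ValueError("signature array is not a multiple of SignatureSize")
        while pos < end:
            owner = uuid.UUID(bytes_le=blob[pos:pos + 16])
            yield sig_type, owner, bytes(blob[pos + 16:pos + sig_size])
            pos += sig_size
        off = end


def revoked_sha256_hashes(blob):
    """All SHA-256 image hashes in the variable, as lowercase hex."""
    return {d.hex() for t, _, d in parse_signature_lists(blob) if t == EFI_CERT_SHA256_GUID}


def is_revoked(blob, authenticode_sha256_hex):
    return authenticode_sha256_hex.lower() in revoked_sha256_hashes(blob)


def build_sha256_list(hashes, owner):
    """Encode hashes as one EFI_CERT_SHA256 signature list (used to build the sample)."""
    body = b"".join(owner.bytes_le + h for h in hashes)
    return EFI_CERT_SHA256_GUID.bytes_le + struct.pack("<III", HEADER_LEN + len(body), 0, 48) + body


# Constructed sample dbx: made-up owner GUID and hashes, not real revocation data
SAMPLE_OWNER = uuid.UUID("11111111-2222-4333-8444-555555555555")
SAMPLE_HASHES = [hashlib.sha256(b"constructed-entry-%d" % i).digest() for i in (1, 2)]
SAMPLE_DBX = build_sha256_list(SAMPLE_HASHES, SAMPLE_OWNER)
```

On Windows the raw variable body is `(Get-SecureBootUEFI -Name dbx).Bytes`; on Linux it is the efivars file for dbx with its 4-byte attribute prefix stripped.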

  • by Gavino ( 560149 ) on Thursday January 16, 2025 @01:58PM (#65094155)
    The term “secure” in “secure boot” should probably also be revoked. This kind of stuff gives me zero confidence in what Microsoft have essentially forced on the industry. It seems to be about as secure as 64-bit WEP. I.e. not very.
    • by Anonymous Coward on Thursday January 16, 2025 @02:06PM (#65094175)

      The ONLY thing secure boot secures is Microsoft another revenue stream. Nothing is proven about anything other than someone paid M$ to sign some code.

      It is literally just cartel behavior.

      • Re: (Score:2, Informative)

        by Anonymous Coward
        Secure Boot is NOT MS specific.
    • by 93 Escort Wagon ( 326346 ) on Thursday January 16, 2025 @02:14PM (#65094197)

      Yeah, in all seriousness - I'm kind of flabbergasted by this. The fact that it's even possible for a Windows-based exploit to bypass "Secure Boot" tells us that Secure Boot is more or less a scam.

      • Yeah, in all seriousness - I'm kind of flabbergasted by this. The fact that it's even possible for a Windows-based exploit to bypass "Secure Boot" tells us that Secure Boot is more or less a scam.

        It's not a bug - it's a feature. How else are the bad guys going to get the access they need?

      • Yeah, in all seriousness - I'm kind of flabbergasted by this. The fact that it's even possible for a Windows-based exploit to bypass "Secure Boot" tells us that Secure Boot is more or less a scam.

        To be fair, I don't think it's SecureBoot's job to make your OS secure; it's the OS's job.

        I haven't read about this in ages, but I think the idea is that your OS leverages SecureBoot to confirm that its bootloader hasn't been modified. A flaw in the OS, at the line where it says "if SecureBoot.reportsissue = $true then shut back down" is what I think is going on, and is not indicative that SecureBoot is a scam. It's indicative that programmers continue to get even ultra-critical stuff wrong from time to

        • My basic point (or opinion, if you prefer) is - if something at the OS layer has this level of access to Secure Boot, then we're back to "your computer is only as secure as your OS". Secure Boot can't and shouldn't be considered a trustworthy gatekeeper for any bootloader if it's not immune to bad behavior from the running OS.

          The relationship between Secure Boot and any OS should have been designed to flow in one direction only.

  • The example (Score:3, Insightful)

    by Ol Olsoc ( 1175323 ) on Thursday January 16, 2025 @02:19PM (#65094207)
    Of why Windows is inherently not secure. If the Standard OS, the largest installed User base, the utter need for users to work on anything other than Office 365....

    Whose very claimed Secure boot is not at all secure.

    It is difficult to have much sympathy for its users who still use it after Secure boot is not secure. Such a weak system means that the users and companies that continue to use Windows are either brain dead, or do not care about security at all.

    Enjoy getting Pwned,

    • Re:The example (Score:4, Interesting)

      by 93 Escort Wagon ( 326346 ) on Thursday January 16, 2025 @03:06PM (#65094311)

      Yeah, I've been (historically) jumping through all the extra hoops to keep Secure Boot enabled on our Linux servers and (especially) student workstations, taking the extra steps to get GPU drivers working with it, etc. etc. Now I'm wondering why I've bothered.

      It seems to me that, at least on those machines where other people have physical access (and can log in), this exploit tells me Secure Boot isn't really making them any more secure.

      If someone wants to argue the other way, I'll certainly be interested to listen.

      • Yeah, I've been (historically) jumping through all the extra hoops to keep Secure Boot enabled on our Linux servers and (especially) student workstations, taking the extra steps to get GPU drivers working with it, etc. etc. Now I'm wondering why I've bothered.

        It seems to me that, at least on those machines where other people have physical access (and can log in), this exploit tells me Secure Boot isn't really making them any more secure.

        If someone wants to argue the other way, I'll certainly be interested to listen.

        And just imagine the other surprises Windows will serve us with. Some vulnerabilities can happen, sure. But this is pretty egregious.

    • Of why Windows is inherently not secure. If the Standard OS, the largest installed User base, the utter need for users to work on anything other than Office 365....

      Whose very claimed Secure boot is not at all secure.

      It is difficult to have much sympathy for its users who still use it after Secure boot is not secure. Such a weak system means that the users and companies that continue to use Windows are either brain dead, or do not care about security at all.

      Enjoy getting Pwned,

      I mean - devil's advocate here - not having the ability to leverage the feature doesn't make an OS more secure.

      That doesn't excuse Microsoft here at all. This code should've been vetted and checked so many times there's no statistical possibility of vulnerability. The foundation must be reliable before you build walls atop it.

  • Sure you get a trusted flag with secure boot, but when the trusted code betrays you or gets backdoored you're screwed. Revoking the key only closes the barn door afterwards. Same with all DRM and notarized code.
  • by Virtucon ( 127420 ) on Thursday January 16, 2025 @04:44PM (#65094527)

    If MS had just integrated SystemD this would have never happened. We all know SystemD can detect and remove malware, bloatware, and any fungus among us.

    • I'm sure WindowsD is somewhere in the planning pipeline!

      • At this rate, the SystemD project will probably implement it in several years. The boot process will be:

        systemd loads Linux kernel -> systemd starts systemd-init -> systemd-init loads Windows kernel -> user cries
