Windows 10 devices vulnerable due to new Boothole Secure Boot exploit

Reading time icon 1 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

A new vulnerability has been discovered in Secure Boot which places a large number of Windows machines at risk.

Boothole was discovered by security company Eclypsium, and the flaw in the GRUB2 file in Secure Boot can result in “near-total control” of the victim’s system.

The vulnerability affects the boot process, and malicious code is executed before the OS is loaded, meaning OS-based security procedures are circumvented.  The exploit can also modify the GRUB file to give persistent access to the device.

The flaw  “extends to any Windows device that uses Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority”, and would require a  “coordinated efforts from a variety of entities” to fix it, suggesting any fix will be slow to roll out.

At present the company suggests companies should monitoring UEFI bootloaders and firmware, verifying UEFI configurations and test recovery capabilities. Read more about the mitigation procedures here.

via Neowin.

More about the topics: boothole, security

Leave a Reply

Your email address will not be published. Required fields are marked *