Windows 10 devices vulnerable due to new Boothole Secure Boot exploit

by Surur
July 29, 2020

Is Copilot the best AI companion out there? Help us find out by answering a couple of quick questions!

A new vulnerability has been discovered in Secure Boot which places a large number of Windows machines at risk.

Boothole was discovered by security company Eclypsium, and the flaw in the GRUB2 file in Secure Boot can result in “near-total control” of the victim’s system.

The vulnerability affects the boot process, and malicious code is executed before the OS is loaded, meaning OS-based security procedures are circumvented.  The exploit can also modify the GRUB file to give persistent access to the device.

The flaw  “extends to any Windows device that uses Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority”, and would require a  “coordinated efforts from a variety of entities” to fix it, suggesting any fix will be slow to roll out.

At present the company suggests companies should monitoring UEFI bootloaders and firmware, verifying UEFI configurations and test recovery capabilities. Read more about the mitigation procedures here.

via Neowin.

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}