August 23, 2024 at 02:08PM Microsoft provided a workaround for Linux boot issues caused by August security updates on dual-boot systems with Secure Boot enabled. It sounds like Microsoft provided a workaround for the Linux boot issues caused by the August security updates on dual-boot systems with Secure Boot enabled. Full Article
August 22, 2024 at 12:35PM Microsoft has acknowledged that the August 2024 Windows security updates are causing issues for dual-boot systems with Secure Boot enabled, particularly affecting Linux booting. The problem stems from a Secure Boot Advanced Targeting update, blocking unpatched Linux boot loaders against a specific vulnerability. Microsoft is working on a fix and … Read more
August 21, 2024 at 11:05AM August 2024 Windows security updates are causing issues for dual-boot on some Linux systems with Secure Boot enabled. Microsoft applied a Secure Boot Advanced Targeting (SBAT) update to block Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 vulnerability, impacting various Linux distributions. The affected users are experiencing “Verifying shim SBAT … Read more
August 20, 2024 at 12:35PM The August 2024 Windows updates are causing issues for dual boot on Linux systems with Secure Boot enabled. Microsoft’s Secure Boot Advanced Targeting (SBAT) update is blocking Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability, affecting various distros. Users may need to disable Secure Boot, update … Read more
August 15, 2024 at 11:34AM Microsoft disabled a BitLocker vulnerability fix due to firmware incompatibility, causing devices to enter recovery mode. The CVE-2024-38058 flaw allows attackers to bypass BitLocker encryption and access data. To mitigate the issue, users must follow a complex 4-stage process and may face limitations. Microsoft didn’t address the root cause, urging … Read more
July 26, 2024 at 05:24PM Millions of Intel and ARM-based computing systems are vulnerable to attackers due to a leaked cryptographic key used in the Secure Boot process. The issue, dubbed “PKFail,” allows bypassing of Secure Boot and affects devices from vendors like Lenovo, HP, and Asus. Firmware updates are needed to address this widespread … Read more
July 25, 2024 at 05:45PM UEFI products from 10 vendors are vulnerable to compromise due to a critical firmware supply-chain issue called PKfail, allowing attackers to bypass Secure Boot and install malware. The affected devices use a test Secure Boot master key from American Megatrends International, which often remains untrusted by OEMs. Vendors are advised … Read more
February 7, 2024 at 05:23PM Major Linux distros, including Red Hat, Ubuntu, Debian, and SUSE, are affected by a remote code execution vulnerability in Linux shim (CVE-2023-40547). The flaw allows attackers to take full control of affected systems during the secure boot process. Red Hat has issued an update to address the most severe of … Read more
February 7, 2024 at 10:57AM A critical vulnerability in the Shim Linux bootloader allows attackers to execute code and take control of a system before the kernel loads, bypassing existing security measures. The flaw, known as CVE-2023-40547, was identified by Microsoft’s Bill Demirkapi. It can be exploited through various attack points and affects Linux distributions … Read more
December 6, 2023 at 10:48AM LogoFAIL is an attack exploiting UEFI image parsing to breach devices through harmful logo images, threatening both consumer and enterprise equipment. Meeting Takeaways: 1. **Issue Identified**: The meeting discussed a significant security vulnerability known as LogoFAIL. 2. **Attack Vector**: LogoFAIL exploits a UEFI (Unified Extensible Firmware Interface) image parser. 3. … Read more