August 20, 2024 at 12:35PM The August 2024 Windows updates are causing issues for dual boot on Linux systems with Secure Boot enabled. Microsoft’s Secure Boot Advanced Targeting (SBAT) update is blocking Linux boot loaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability, affecting various distros. Users may need to disable Secure Boot, update … Read more
August 15, 2024 at 11:34AM Microsoft disabled a BitLocker vulnerability fix due to firmware incompatibility, causing devices to enter recovery mode. The CVE-2024-38058 flaw allows attackers to bypass BitLocker encryption and access data. To mitigate the issue, users must follow a complex 4-stage process and may face limitations. Microsoft didn’t address the root cause, urging … Read more
July 26, 2024 at 05:24PM Millions of Intel and ARM-based computing systems are vulnerable to attackers due to a leaked cryptographic key used in the Secure Boot process. The issue, dubbed “PKFail,” allows bypassing of Secure Boot and affects devices from vendors like Lenovo, HP, and Asus. Firmware updates are needed to address this widespread … Read more
July 25, 2024 at 05:45PM UEFI products from 10 vendors are vulnerable to compromise due to a critical firmware supply-chain issue called PKfail, allowing attackers to bypass Secure Boot and install malware. The affected devices use a test Secure Boot master key from American Megatrends International, which often remains untrusted by OEMs. Vendors are advised … Read more
February 7, 2024 at 05:23PM Major Linux distros, including Red Hat, Ubuntu, Debian, and SUSE, are affected by a remote code execution vulnerability in Linux shim (CVE-2023-40547). The flaw allows attackers to take full control of affected systems during the secure boot process. Red Hat has issued an update to address the most severe of … Read more
February 7, 2024 at 10:57AM A critical vulnerability in the Shim Linux bootloader allows attackers to execute code and take control of a system before the kernel loads, bypassing existing security measures. The flaw, known as CVE-2023-40547, was identified by Microsoft’s Bill Demirkapi. It can be exploited through various attack points and affects Linux distributions … Read more
December 6, 2023 at 10:48AM LogoFAIL is an attack exploiting UEFI image parsing to breach devices through harmful logo images, threatening both consumer and enterprise equipment. Meeting Takeaways: 1. **Issue Identified**: The meeting discussed a significant security vulnerability known as LogoFAIL. 2. **Attack Vector**: LogoFAIL exploits a UEFI (Unified Extensible Firmware Interface) image parser. 3. … Read more
December 4, 2023 at 03:06AM UEFI firmware from various vendors contains high-impact flaws in image parsing libraries, dubbed LogoFAIL by Binarly, which can be exploited to bypass security measures like Secure Boot and deliver persistent malware during boot-up using malicious logo images. The widespread vulnerabilities, affecting many x86 and ARM devices, will be detailed at … Read more