Tux Machines

Eclypsium calls out Microsoft over bootloader security woes

Posted by Roy Schestowitz on Aug 13, 2022

What Is Virtual Memory on Linux? How to Manage It

What’s New in GNOME 43?

Eclypsium researchers criticized Microsoft for its response to the discovery of three new bootloader vulnerabilities that could be exploited to gain control of systems during the boot process.

During a DEF CON 30 session Friday, security platform provider Eclypsium's researchers delved into the vulnerabilities, which were disclosed in Microsoft's Patch Tuesday release this week.

The three vulnerabilities exist in third-party bootloaders: Eurosoft Ltd. (CVE-2022-34301); New Horizon Datasys, Inc. (CVE-2022-34302); and Kidan's CryptoPro Secure Disk for BitLocker (CVE-2022-34303).

If exploited, threat actors could bypass Secure Boot, a security protocol used by OEMs and operating system vendors to ensure bootloaders and Unified Extensible Firmware Interface (UEFI) drivers are authenticated through valid digital signatures. Bypassing the Secure Boot checks would allow threat actors to commit attacks, such as modifying the OS, disabling security controls and installing backdoors.

Read on

↺ Read on

gemini.tuxmachines.org