Security · 1h ago
Decade-old UEFI flaws let attackers bypass Secure Boot
Researchers found 11 vulnerable UEFI shim bootloaders that attackers can exploit to bypass Secure Boot protections. The flaws have existed for years and were only recently discovered and revoked. No new vulnerability is needed to compromise key systems.
Meridian48 take
The discovery underscores how legacy code in foundational security features can remain exploitable for years, highlighting the need for continuous auditing of even established protections.
Read the full reporting
'No new vulnerability is needed to bypass UEFI Secure Boot': Experts find attackers can exploit decades-old flaws to gain access to key systems →
TechRadar
uefi-secure-bootbootloader-vulnerabilities