Three flaws allow attackers to bypass UEFI Secure Boot feature


Three signed third-party UEFI boot loaders have a flaw that can be used to get around the UEFI Secure Boot feature, according to researchers from the hardware security firm Eclypsium.

The most recent version of UEFI (Unified Extensible Firmware Interface) 2.3.1 has a security feature called Secure Boot that checks the digital signatures of boot loaders, important operating system files, and unauthorised option ROMs to see if they have been altered. Read More…