Newsylist real-time news trend intelligence
▲ Peaking Technology 🔮 Newsylist predicts: still trending tomorrow high confidence

Microsoft’s Secure Boot has been broken for a decade and no one noticed until now

Research has revealed that decade-old Microsoft-signed UEFI shims can be used to bypass Secure Boot protections.

5sources
6articles
17velocity
+0%since first seen
just nowfirst detected

Velocity timeline

How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →

171160Jul 15 01:29Jul 15 02:29 UTC

The brief

ESET Research has discovered that vulnerable UEFI shims are undermining the Secure Boot process on devices. These old, Microsoft-signed applications allow attackers to bypass the security measures intended to protect the boot process.

Coverage from Ars Technica, The Hacker News, and SC Media emphasizes that 11 of these old Linux UEFI shims are specifically problematic. WeLiveSecurity and The Manila Times highlight that these forgotten shims have remained a vulnerability for a decade without being noticed.

Future developments depend on how these specific Microsoft-signed UEFI applications are addressed to prevent attackers from bypassing Secure Boot.

Synthesized by Newsylist from the headlines below under a strict no-invention contract. ✓ fact-checked: all claims supported by sources Updated just now.

Quick answers

Who discovered the vulnerability?

The vulnerability was discovered by ESET Research.

What specifically allows the Secure Boot bypass?

Old Microsoft-signed UEFI shims, specifically 11 Linux UEFI shims, can be used to bypass the system.

How long has this issue existed?

According to coverage from Ars Technica, the system has been broken for a decade.

Coverage (6)

People, places & organizations

Topics

Related trends