3 weeks ago - Binarly researcher Alex Matrosov discovered the CVE-2025-3052 flaw after finding a BIOS-flashing utility signed with Microsoft's UEFI signing certificate. The utility was originally designed for rugged tablets but as it was signed with Microsoft's UEFI certificate, it can run on any Secure ...

The first flaw is CVE-2025-3052, which could allow an attacker to skip past Secure Boot entirely.

3 weeks ago - A new Secure Boot bypass flaw can be exploited to disable your PC’s security and install bootkit malware that runs every time you turn on your computer.

We cannot provide a description for this page right now

Secure Boot helps prevent bootkit malware in the boot sequence. Disabling Secure Boot puts a device at risk of being infected by bootkit malware. Fixing the Secure Boot bypass described in CVE-2023-24932 requires revoking boot managers.

August 2, 2020 - GRUB2, one of the world’s most-widely used programs for booting up computers, has a vulnerability that can make it easier for attackers to run malicious firmware during startup, researchers said on Wednesday. This would affect millions or possibly hundreds of millions of machines.

Researchers are warning Microsoft Windows as well as many Linux distribution users to install updates that revoke permissions for a vulnerable driver that attackers

February 11, 2025 - Secure Boot is a security feature that blocks bootloaders untrusted by the OEM on computers with Unified Extensible Firmware Interface (UEFI) firmware and a Trusted Platform Module (TPM) chip to prevent rootkits from loading during the startup process. According to a Microsoft Security Response Center blog post, the security flaw ...

Applying the fix for a new security bypass zero-day affecting the Windows Secure Boot feature will be a long process that will drag into 2024, but for good reason, says Microsoft.

January 16, 2025 - The vulnerability, assigned the ... according to a new report from ESET shared with The Hacker News. Successful exploitation of the flaw can lead to the execution of untrusted code during system boot, thereby enabling attackers to deploy malicious UEFI bootkits on machines ...

January 16, 2025 - A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active.

Binarly uncovers CVE-2025-3052: a Secure Boot bypass affecting most UEFI devices, enabling attackers to run unsigned code before OS load.

August 13, 2022 - Researchers discovered a flaw in three signed third-party UEFI boot loaders that allow bypass of the UEFI Secure Boot feature.

Microsoft has patched two flaws (CVE-2023-29336 and CVE-2023-24932) that have been actively exploited.

April 16, 2024 - Microsoft’s April Patch Tuesday included fixes for 24 Secure Boot vulnerabilities. This post discusses their severity and remediation.

3 weeks ago - The flaw is able to skirt past your usual security protection and evade detection, but Microsoft has a patch. Written by Lance Whitney, Contributor June 11, 2025 at 12:01 p.m. PT ... Windows users who don't always install the updates rolled out by Microsoft each month for Patch Tuesday will want to install the ones for June. That's because the latest round of patches fixes a flaw that could allow an attacker to control your PC through bootkit ...

August 15, 2022 - Bootloaders present in a majority of computers made in the past 10 years are affected by Secure Boot bypass vulnerabilities, according to firmware security company Eclypsium.

April 19, 2022 - Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.

May 10, 2023 - Microsoft has released new security patches to address the BlackLotus UEFI security flaw in all supported versions of Windows 11 and 10 as well as Windows

May 12, 2023 - Stealthy UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw BlackLotus represents a major milestone in the continuing evolution of UEFI bootkits.