Archynetys Live news trend intelligence
▲ Peaking Technology

Microsoft’s Secure Boot has been broken for a decade and no one noticed until now

A long-standing vulnerability in Microsoft-signed UEFI shims has left Secure Boot susceptible to bypasses for a decade.

5sources
5articles
14velocity
+0%since first seen
just nowfirst detected

Velocity

How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →

The brief

ESET Research has identified vulnerable UEFI shims that undermine the Secure Boot process on devices. These old, Microsoft-signed Linux UEFI shims can be used by attackers to bypass security protections.

Coverage from Ars Technica, The Hacker News, and SC Media emphasizes that this flaw has existed for ten years. WeLiveSecurity and The Manila Times highlight the specific role of these forgotten shims in undermining device security.

Attention is now focused on the 11 specific Microsoft-signed Linux UEFI shims identified as vulnerable and the potential for attackers to utilize them to bypass Secure Boot.

Synthesized by Archynetys from the headlines below under a strict no-invention contract. ✓ fact-checked: all claims supported by sources Updated just now.

Quick answers

Who discovered the vulnerability?

The vulnerability was discovered by ESET Research.

What specifically is being bypassed?

Attackers can bypass the Secure Boot process using old Microsoft-signed UEFI applications.

How many Linux UEFI shims are affected?

According to The Hacker News, 11 old Microsoft-signed Linux UEFI shims could let attackers bypass Secure Boot.

Coverage (5)

Topics

Related trends