Massive Secure Boot Fail: 813 Devices from Major Brands at Risk Due to PKfail

Hundreds of UEFI products from 10 vendors are vulnerable to PKfail, a critical firmware issue allowing Secure Boot bypass and malware installation. Devices shipped with untrusted test keys from AMI, impacting major brands like Dell, HP, and Lenovo. This flaw spans 12 years, affecting nearly…

Hot Take:

Looks like someone hit the snooze button on Secure Boot, and now we’ve got a 12-year-old firmware fiasco on our hands! Vendors, it’s time to get your key management game on point, or you might as well hang a “Welcome Hackers” sign on your devices.

Key Points:

  • Hundreds of UEFI products are vulnerable to PKfail, an issue that allows attackers to bypass Secure Boot.
  • The issue arises from test Platform Keys not being replaced by OEMs, affecting 813 products from 10 major vendors.
  • Private keys from Intel Boot Guard and MSI firmware were leaked earlier this year, exacerbating the problem.
  • Exploitation allows attackers to manipulate Secure Boot databases and deploy UEFI malware like CosmicStrand and BlackLotus.
  • Vendors are urged to replace test keys and follow cryptographic key management best practices to mitigate the issue.
