Ars Technica

Critical vulnerability affecting most Linux distros allows for bootkits

Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to ...
Semiconductor Engineering

Implementing Secure Boot With A Root Of Trust

A boot sequence describes the initial set of operations performed by a device at the start of the boot process. During this stage, available resources reside in some form of local, nonvolatile storage ...
Linux Journal

Runlevels and the Boot Process in Linux

Linux, an immensely powerful and versatile operating system, sits at the heart of countless applications, from tiny embedded devices to massive servers. A pivotal aspect for any user, whether a ...
Dark Reading

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs

Researchers have uncovered "LogoFAIL," a set of critical vulnerabilities present in the Unified Extensible Firmware Interface (UEFI) ecosystem for PCs. Exploitation of the vulnerabilities nullify ...
Ars Technica

Microsoft will take nearly a year to finish patching new 0-day Secure Boot bug

Earlier this week, Microsoft released a patch to fix a Secure Boot bypass bug used by the BlackLotus bootkit we reported on in March. The original vulnerability, CVE-2022-21894, was patched in January ...
Bleeping Computer

MSI breaks Secure Boot for hundreds of motherboards

Update 1/22/23: Title updated as MSI intentionally changed this setting as per statement below. Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting ...