Microsoft finally patches serious UEFI Secure Boot flaw after seven-month delay
Vulnerability could have allowed hackers to run malware during the boot process
Secure boot articles
Old BitLocker vulnerability exploited to bypass encryption on updated Windows 11
Secure Boot? TPM? Full-disk encryption? All useless against resourceful hackers
Microsoft security update breaks dual-boot Linux systems using Secure Boot
"Something has gone seriously wrong" with the August Patch Tuesday update
Secure Boot rendered useless, over 200 PC models from different makers are affected
WTF?! If you thought your laptop, desktop, or server was protected by Secure Boot, think again. A new vulnerability dubbed "PKfail" has left Secure Boot wide open on hundreds of PC and devices across several major tech brands. Researchers at cybersecurity firm Binarly just dropped a bombshell report showing how a leaked cryptographic key has essentially nuked the security guarantees of Secure Boot for over 200 product models.
Microsoft releases optional fix for actively exploited Secure Boot vulnerability
Why it matters: Microsoft has issued guidance for fixing a serious Secure Boot vulnerability that affects all Windows systems and is actively being exploited in the wild. Normally, this kind of issue would be patched via monthly servicing updates but the Redmond company has chosen a phased approach to reduce the risk of you or your organization ending up with devices that won't boot. The fix will require some manual steps for now, but will be applied automatically on all supported Windows systems starting next year.
BlackLotus UEFI bootkit can defeat Secure Boot protection
The myth is real now, and you can't protect yourself from the ghost in the machine
A firmware update made Secure Boot useless for hundreds of MSI motherboards
Secure Boot isn't secure if the settings are wrong
A flaw in the GRUB2 bootloader allows hackers to bypass Secure Boot on billions of systems
BootHole is a silent killer for a widely-used security feature
