Skip to main content

Tag: secure boot

11 articles

Motherboard components and UEFI firmware chip in a well-lit lab setting.

Microsoft-Signed Linux UEFI Shims Expose Secure Boot Bypass Risk

A newly discovered vulnerability in 11 Microsoft-signed Linux UEFI shims could allow hackers to bypass Secure Boot and deploy malicious code during system startup, putting your device at risk of infection with UEFI bootkits or other malware. This security flaw enables attackers to execute untrusted code during boot, making it a critical threat to your system's security.

Analyst 207
Rows of computer servers in a brightly-lit data center or network operations center.

Microsoft Patches 138 Vulnerabilities, Including Critical DNS and Netlogon Flaws

Microsoft just patched a critical DNS flaw that could let hackers execute code on your network, along with 137 other vulnerabilities - so make sure to update ASAP! The update also includes a mandatory rollout of updated Secure Boot certificates to keep your system secure.

Analyst 207
Windows 10 laptop on a clean surface with open screen displaying a blurred image.

Microsoft Releases Urgent Windows 10 Update to Fix Security Flaws

Microsoft just dropped a critical Windows 10 update, KB5087544, to squash 120 security flaws and fix frustrating Remote Desktop issues - and it's a must-install to keep your system safe and running smoothly. This urgent patch also tackles Secure Boot state and certificate changes to give you added peace of mind.

Analyst 207
NHS Exclusive: Critical PCs Blocked from Windows 11 Rollout

NHS Exclusive: Critical PCs Blocked from Windows 11 Rollout

A handful of suppliers refusing to sign off on Windows 11 compatibility are forcing NHS trusts to pause upgrades—pitting vital clinical continuity against security and compliance and leaving staff to decide which devices come first.

Analyst 207
MPs Urge Must-Have Tech to End Alarming Phone Theft

MPs Urge Must-Have Tech to End Alarming Phone Theft

As phone theft surges across the UK, MPs are pushing ministers and manufacturers to make stolen handsets economically worthless. They want the Home Secretary to compel Apple, Google, Samsung and others to combine secure boot, hardware IDs, remote lock/wipe and carrier blocks into a single, hard-to-defeat kill‑switch that protects victims and starves organised thieves.

Analyst 207
MPs Urge Exclusive Affordable Tech to Halt Phone Theft

MPs Urge Exclusive Affordable Tech to Halt Phone Theft

MPs are urging ministers to force Apple, Google and Samsung to deploy standardized, affordable tech that turns stolen phones into paperweights by blocking resets and reuse. Doing so could choke off criminals’ profits, slash street thefts and spare victims the pain of lost banking and identity access.

Analyst 207
UEFI Secure Boot: Must-Have Best Practices for Arm64

UEFI Secure Boot: Must-Have Best Practices for Arm64

UEFI Secure Boot promises stronger boot-time protections for Linux on Arm64, but a fragmented ecosystem of firmware, vendor keys and update practices has left adoption uneven. With better coordination, transparent signing and continued work on shim, U-Boot and EDK II, we can get a reliable, user-friendly Secure Boot story across Arm devices.

Analyst 207
UEFI bootkit Nightmare: Exclusive Devastating Threat

UEFI bootkit Nightmare: Exclusive Devastating Threat

HybridPetya blends NotPetya-style destructive tricks with a UEFI bootkit that can survive OS reinstalls and even attempt to bypass Secure Boot, forcing teams and everyday users to rethink recovery and firmware defenses. If you assume reinstalling Windows is enough, this threat is a wake-up call to harden firmware, backups and pre-boot integrity checks.

Analyst 207
bypass Secure Boot: Stunning Dangerous PoC Reveals Risk

bypass Secure Boot: Stunning Dangerous PoC Reveals Risk

A new proof-of-concept bootkit called HybridPetya shows Secure Boot can be bypassed, reminding us that attackers who gain control before Windows starts can hide, persist, and undermine trust at the firmware level. Patch promptly, inventory firmware, and push for hardware-level protections—because platform security now starts before the OS.

Analyst 207
UEFI Secure Boot Critical: Exclusive HybridPetya Risk

UEFI Secure Boot Critical: Exclusive HybridPetya Risk

Think ransomware can’t survive a reinstall? Think again — HybridPetya combines Petya-style encryption with a UEFI exploit (CVE-2024-7344) to bypass Secure Boot and persist below the OS. Patch firmware, enable measured boot, and lock down backups before attackers exploit this weakness.

Analyst 207
IoT Must-Have: Best Secure Provisioning Guide

IoT Must-Have: Best Secure Provisioning Guide

Don’t let insecure device setup turn your smart home into someone else’s playground — this practical guide walks you through NIST-backed provisioning tips like hardware roots of trust, authenticated onboarding, unique credentials, and secure OTA updates to keep devices safe from day one. Follow these doable steps and simple UX fixes to make secure setup the easy, default choice for manufacturers and users alike.

Analyst 207