The secure boot standard, invented by Microsoft to protect Windows and Linux devices from firmware infections, has been broken for 13 out of its 14 years of existence. This shocking discovery was made by researchers at security firm ESET, who found that 11 firmware images, including one from 2013, were defective but still signed by Microsoft.
These images, known as shims, were created to extend secure boot to Linux devices and utility software. However, they can be used to completely circumvent the protection, which is embedded into the UEFI of the device’s motherboard. This is a result of Microsoft’s failure to revoke the publicly available images once vulnerabilities were found in them.
What is Secure Boot?
Secure boot is a standard that ensures that a device boots only with authorized firmware. It checks the digital signature of the firmware before loading it, preventing malicious firmware from being installed. This standard is crucial in preventing attacks that target the firmware level, such as UEFI malware.
However, the discovery of the broken secure boot standard raises concerns about the effectiveness of this protection. The fact that it has been broken for 13 years without being noticed is alarming, and it highlights the need for more rigorous testing and validation of security standards.
Implications of the Broken Secure Boot Standard
The broken secure boot standard has significant implications for both Windows and Linux users. An attacker can use the old, forgotten shims to install malicious firmware that loads early in the boot process and persists even after the OS is reinstalled or a hard drive is replaced.
- Malicious firmware can be used to steal sensitive information, such as passwords and encryption keys.
- It can also be used to install malware that is difficult to detect and remove.
- Furthermore, it can be used to create a backdoor that allows attackers to access the device remotely.
The threat extends to both Windows and Linux users, as the shim can be installed on devices running both operating systems. This highlights the need for users to be aware of the potential risks and to take steps to protect themselves.
What Can Users Do to Protect Themselves?
While the broken secure boot standard is a significant concern, there are steps that users can take to protect themselves. These include keeping their devices and software up to date, using strong passwords and encryption, and being cautious when installing software or firmware.
Additionally, users can use security software that can detect and remove malware, including firmware-level threats. They can also use a secure boot-enabled device, which can help to prevent malicious firmware from being installed.
Conclusion and Future Directions
In conclusion, the discovery of the broken secure boot standard is a significant concern that highlights the need for more rigorous testing and validation of security standards. Users must be aware of the potential risks and take steps to protect themselves, including keeping their devices and software up to date and using security software.
As the threat landscape continues to evolve, it is essential to stay vigilant and to continually assess and improve security standards. This includes developing new security protocols and standards that can help to prevent attacks and protect users.
Source: arstechnica.com.






Be First to Comment