A security feature bypass vulnerability has been uncovered in three signed third-party Unified ExtensibleΒ Firmware Interface (UEFI) boot loaders that allow bypass of the UEFI Secure Boot feature.
"These vulnerabilities can be exploited by mounting the EFI System Partition and replacing the existing bootloader with the vulnerable one, or modifying a UEFI variable to load the vulnerable loader
An unknown Chinese-speaking threat actor has been attributed to a new kind of sophisticated Unified Extensible Firmware Interface (UEFI) firmware rootkit calledΒ CosmicStrand.
"The rootkit is located in the firmware images of Gigabyte or ASUS motherboards, and we noticed that all these images are related to designs using the H81 chipset," Kaspersky researchersΒ saidΒ in a new report published today
Login
FreshRSS