Dark Reading

'Bootkitty' First Bootloader to Take Aim at Linux

Researchers have spotted what they believe is the first ever malware capable of infecting the boot process of Linux systems. "Bootkitty" is proof-of-concept code that students in Korea developed for a ...
Dark Reading

Trusted Apps Sneak a Bug Into the UEFI Boot Process

A vulnerability in trusted system recovery programs could allow privileged attackers to inject malware directly into the system startup process in Unified Extensible Firmware Interface (UEFI) devices.
TechSpot

Two exploits are threatening Secure Boot, but Microsoft is only patching one of them

Facepalm: Microsoft and the PC industry developed the Secure Boot protocol to prevent modern UEFI-based computers from being hacked or compromised during the boot process. However, just a few years ...
Bleeping Computer

Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders

Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders. GRUB2 (GRand Unified Bootloader) is the ...
Bleeping Computer

New Microsoft script updates Windows media with bootkit malware fixes

Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus ...
Hosted on MSN

Microsoft's Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC you've used for the last decade has relied on the same set of cryptographic certificates to keep its boot process secure. Those certificates were issued by ...