New UEFI vulnerability bypasses Secure Boot — bootkits stay undetected even after OS re-install
external-link
fedilink
195
New UEFI vulnerability bypasses Secure Boot — bootkits stay undetected even after OS re-install
fedilink
Microsoft has already blocked affected software with the latest Windows updates
Ulrich
link
fedilink
English
49d

Does that mean Linux is invulnerable?

@[email protected]
link
fedilink
English
209d

No, it means that Linux systems also need to blacklist the keys in their UEFI firmware. I don’t know if distros push updates for those blacklists or if you have to do it manually.

@[email protected]
link
fedilink
English
99d

As drspod said, no, Linux is not invulnerable. For Linux users using legacy BIOS boot or using UEFI but not secure boot, this vulnerability doesn’t make anything any more insecure than it was already. But any user, Linux or Windows, who is affected by this vulnerability (which is basically everyone who hasn’t revoked permissions to the Microsoft keys in question), if they’re using secure boot, no they’re not. (That is to say, they can no longer depend on any of the guarantees that secure boot provides until they close the vulnerability.)

Create a post

For PC gaming news and discussion. PCGamingWiki

Rules:

  1. Be Respectful.
  2. No Spam or Porn.
  3. No Advertising.
  4. No Memes.
  5. No Tech Support.
  6. No questions about buying/building computers.
  7. No game suggestions, friend requests, surveys, or begging.
  8. No Let’s Plays, streams, highlight reels/montages, random videos or shorts.
  9. No off-topic posts/comments, within reason.
  10. Use the original source, no clickbait titles, no duplicates. (Submissions should be from the original source if possible, unless from paywalled or non-english sources. If the title is clickbait or lacks context you may lightly edit the title.)
  • 1 user online
  • 58 users / day
  • 393 users / week
  • 970 users / month
  • 3.09K users / 6 months
  • 1 subscriber
  • 4.61K Posts
  • 30.2K Comments
  • Modlog