11-Year-Old Linux UEFI Shim Bootloaders Let Attackers Bypass Secure Boot
11-year-old Microsoft-signed UEFI shim bootloaders, some dating back over a decade, let attackers completely bypass UEFI Secure Boot on nearly any UEFI-based machine, regardless of the installed operating system. ESET researchers uncovered that the vulnerable shims, all at version 0.9 or earlier,...