There were details about the corrected security vulnerability, which could allow you to bypass the Unified Extensible Firmware Interface system. (UEFI).
According to the new study Xrust, the vulnerability, which is assigned the CVE -2024-7344 identifier, is in the UEFI application signed by a third-party certificate of UEFI «Microsoft Corporation UEFI CA 2011.
vulnerabilities can lead to an unreliable code during loading the system, which will allow attackers to expand the malicious UEFI Butttes on computers with the confrontated secure boot function, independently from the installed operating system.
Secure Boot is a standard for firmware safety that prevents the malware loading when starting a computer. The function uses digital signatures to verify the authenticity, source and integrity of the loaded code.
The UEFI vulnerable application is part of the several software packages to restore the system in real time developed by Howyar Technologies, Greenware Technologies, Radix Technologies, Sanfong, Wasay Software Technology.
- Если Вам понравилась статья, рекомендуем почитать
- Linux 6.13-RC7 has already been released-the release of Linux 6.13 Stable in a few days
- Day 4: Lists, Tuples, and Sets
