A vulnerability in trusted system recovery programs could allow privileged attackers to inject malware directly into the system startup process in Unified Extensible Firmware Interface (UEFI) devices.

There's a surprising amount of code running before the OS even loads.

The Howyar UEFI Application “Reloader” (32-bit and 64-bit), distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded ...

A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. The ...

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...

I'm going to start this post by saying something that a lot of people will find surprising. There are a lot of things that I like about UEFI firmware and the UEFI boot process. I think it is an ...

A vulnerability in the user of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security mechanisms ...

The vulnerabilities were introduced when Lenovo inadvertently included an early development driver in the commercial versions of their software. Lenovo has released fixes for high-severity bios ...

The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows. Named 'Bootkitty,' ...

Event ID 1799 is the event logged when a boot manager signed by the Windows UEFI CA 2023 certificate (the latest and most secure) runs on startup. This means all the security measures are in place, ...