Home Latest News MSI Secure Boot is going haywire on a whole bunch of motherboards
Latest News

MSI Secure Boot is going haywire on a whole bunch of motherboards

by admin
written by admin

Loading audio player…

The latest firmware update for MSI motherboards broke a key security feature, exposing countless computers to malware risk (opens in new tab) and other threats, a security researcher has claimed.

Researcher Dawid Potocki discovered that the recently released firmware update version 7C02v3C changed the default secure boot setting on MSI motherboards, allowing the boot process to even run software that is unsigned or has had its signature changed due to changes.

In other words, software that would otherwise have stopped running due to maliciousness is now allowed to start.

Changing the default settings

“I decided to set up Secure Boot on my new desktop using sbctl. Unfortunately, I’ve found that my firmware will accept any OS image I’ve given it, whether it’s trusted or not,” Potocki wrote. “As I found out later on 12/16/2022, it wasn’t just broken firmware; MSI had changed their default secure boot settings to allow booting in case of security breaches (!!).”

The firmware setting changed with the latest patch was “Image Execution Policy” which now defaults to “Always Execute”. According to Potocki, users must set the execution policy for “Removable Media” and “Fixed Media” to “Deny Execute”. This way, only signed software is allowed to run at boot.

Continue reading

> Acer fixes a major laptop bug that allows hackers to disable secure boot

> What Microsoft’s Secure Boot means for the future of Linux

> These are the best firewalls out there (opens in new tab)

Potocki further claimed MSI never documented the change, but after doing a little research discovered that almost 300 models were affected, including many Intel and AMD-based motherboards. Even some brand new devices have been affected, he added.

Secure Boot is MSI’s security system designed to prevent UEFI malware such as bootkits and rootkits. This type of malware is particularly dangerous because even deleting the operating system does not remove it from the device.

MSI is currently silent on the matter, but should the company respond to media inquiries, we’ll update the article accordingly.

  • Here’s our rundown of the best endpoint protection software (opens in new tab)

Above: Beeping computer (opens in new tab)

This article was previously published on Source link

0 comment
0
FacebookTwitterPinterestEmail

You may also like

How to Use Split Screen Mode on Your...

Live Event from Google “Live from Paris”: AI...

Microsoft announces “New Bing” with integrated AI chatbot

Wikipedia fears that without Section 230, its volunteer...

The morning after: Microsoft’s next-gen Bing is “more...

Lost and found: Codebreakers decipher over 50 letters...

Wordle Today: Answers and Hints for February 8th...

OnePlus Launches OnePlus 11, OnePlus 11R in India,...

How to disable the save password pop-up in...

OnePlus 11, high-end performance for $700

@2021 - All Right Reserved. Designed and Developed by webinfobuzz.com

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy