For the past seven months—and likely longer—an industry-wide standard that protects Windows devices from firmware infections could be bypassed using a simple technique. On Tuesday, Microsoft finally patched the vulnerability. The status of Linux systems is still unclear. Tracked as CVE-2024-7344, the vulnerability made it possible for attackers who had already gained privileged access to a device to run malicious firmware during bootup. These ty…

Ars Technica

United States

Microsoft patches Windows to eliminate Secure Boot bypass threat

Ad Fontes Media

All Sides

Media Bias/Fact Check

Advance Publications

Microsoft has patched a Windows vulnerability that allowed attackers to bypass Secure Boot, a critical defense against firmware infections, the company said. The flaw, tracked as CVE-2024-7344, affected Windows devices for at least seven months. Security researcher Martin Smolar discovered the vulne...

slashdot.org

Microsoft Patches Windows To Eliminate Secure Boot Bypass Threat

A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active.

BleepingComputer

New UEFI Secure Boot flaw exposes systems to bootkits, patch now

Researchers detailed a now-patched vulnerability that could allow a bypass of the Secure Boot mechanism in UEFI systems. ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism… Read more → The post ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems appeared first on IT Security News.

IT Security News - cybersecurity, infosecurity news

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Microsoft finally patched the security threat (CVE-2024-7344), allowing bad actors to gain unauthorized access to Windows 11 by bypassing Secure Boot for over 7 months.

Windows Central

Microsoft blocks critical Secure Boot loophole after over 7 months — fortifying Windows 11 against sophisticated firmware attacks camouflaged as verified UEFI apps

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems.
The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft's "Microsoft Corporation UEFI CA 2011" third-party UEFI certificate, according to a new

The Hacker News

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

For the past seven months-and likely longer-an industry-wide standard that protects Windows devices from firmware infections could be bypassed using a simple technique. On Tuesday, Microsoft finally patched the vulnerability. The status of Linux systems is still unclear. Tracked as CVE-2024-7344, the vulnerability made it possible for attackers who had already gained privileged access to a device to run malicious firmware during bootup. These ty…

technewstube.com

Researchers identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot.

Help Net Security

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) - Help Net Security

Microsoft has intensified its Windows 11 campaign by using aggressive tactics, including full-screen multipage popup ads, to urge Windows 10 users to upgrade before the operating system’s imminent death, slated for October 14, 2025. However, Windows 10 continues to dominate the market share with a staggering 62.73%, per StatCounter’s December 2024 report. User reluctance to upgrade to Windows 11 can partly be attributed to Microsoft’s stringent …

TECHTELEGRAPH

Microsoft fixes Secure Boot flaw, blocks new firmware attacks - TECHTELEGRAPH

Enhanced Security for Windows Devices Microsoft recently fixed a serious vulnerability that stood to risk the security of Windows devices for more than half a year. Some experts suggest this loophole had been around far longer. It allowed cyber attackers access to tamper with the firmware of devices, leading to dangerous outcomes. The repairs are in place now, but there is ambiguity about the status of Linux systems. A Closer Look at the Vulnera…

Microsoft patches Windows to eliminate Secure Boot bypass threat

Coverage Details

Bias Distribution

Ownership

Similar News Topics

Similar News Topics