Contrary to the belief that boot loaders for UNIX-based systems are extremely secure, security experts have recently reported quite critical flaws in them, with a risk level of up to 7.5 on the CVSS 3.0 scale.

 

The affected boot loaders include GRUB and its successor, GRUB2, and the main vulnerability that started it all turned out to be BootHole.

 

 

Most importantly, this boot vulnerability made it possible to create parallel paths around the checks performed by UEFI and its Secure Boot, which ultimately negates the guarantees this mechanism gives about the trustworthiness of the loaded code.

Within a few months, specialists processed a large number of bug reports on these loaders, which eventually made it possible to produce a patch package comprising 117 adjustments.

 

However, work in this direction has not stopped; on the contrary, it is entering a more intense phase. Both security specialists and cybercriminals now study code with vulnerability search driven by artificial intelligence, so multi-level attack vectors are emerging and ways of bypassing protection are becoming harder to detect.

 

As for Windows, just a month ago automatic updates were released to block attempts to plant rootkits in the UEFI firmware itself, as well as attempts to bypass TPM chips (that is, the Trusted Platform Module) and DBX, the database of prohibited boot images, or signatures.

 

Not stopping there, and recognizing how critical such patches are to the secure booting and operation of its OS, Microsoft draws attention to a dedicated guide, “Secure Boot DBX”, which describes the exact sequence for installing these updates when automatic updates are disabled for some reason.
