negativeSYS.SOURCE: The Hacker News• 2026-07-14T18:16:18+05:30
11 Outdated Microsoft-Signed UEFI Shims Pose Secure Boot Bypass Risk
11 outdated Microsoft-signed UEFI shims can be exploited to bypass Secure Boot protections by executing arbitrary code during system boot. The vulnerability arises from unrevoked, expired certificates allowing attackers to deploy malicious bootkits despite security updates.
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the modern firmware standard.
"An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware,"
*** END OF TRANSMISSION ***