Old shims break Secure Boot’s trust for a decade

1 min read
Source: Ars Technica
Old shims break Secure Boot’s trust for a decade
Photo: Ars Technica
TL;DR Summary

Researchers found 11 legacy UEFI shims, some dating back to 2013, that Microsoft failed to revoke, enabling a bypass of Secure Boot on Windows and Linux by simply using the still-trusted shim binaries. These shims can authorize subsequent bootloaders and load malicious firmware that persists after OS reinstalls, with revocation hampered by the DB/DBX system and newer SBAT/SVN mechanisms, all within tight size limits. Microsoft revoked the affected shims in June after the alert, but the case highlights the fragility and complexity of Secure Boot’s trust model. Linux users should verify status via vendor/ distributor tools (e.g., uefi-dbx-audit), and Windows users should note that the June patch has mitigations for many systems while the broader lesson remains that Secure Boot requires ongoing scrutiny.

Share this article

Reading Insights

Total Reads

1

Unique Readers

1

Time Saved

8 min

vs 9 min read

Condensed

93%

1,675123 words

Want the full story? Read the original article

Read on Ars Technica