Tag

Shim

All articles tagged with #shim

Old Microsoft-Signed UEFI Shims Pose Secure Boot Bypass Risk
technology2 days ago

Old Microsoft-Signed UEFI Shims Pose Secure Boot Bypass Risk

Security researchers warn that 11 older, Microsoft-signed UEFI shim bootloaders remain trusted and can be exploited to bypass Secure Boot during boot, enabling bootkits and persistence even on patched systems. The attack leverages legacy certificates (Microsoft UEFI CA 2011), MOK allowlists and SBAT revocation gaps to load vulnerable binaries before the OS initializes. CVEs CVE-2026-8863 and CVE-2026-10797 are involved; Microsoft revoked affected shims in June 2026, but risk persists if these components are not explicitly revoked by hash, creating a long-term supply-chain exposure across multiple vendors (e.g., Red Hat, SUSE, Oracle Linux).

"Shim Bootloader Vulnerability Exposes Linux Secure Boot"
device-security-vulnerability2 years ago

"Shim Bootloader Vulnerability Exposes Linux Secure Boot"

A critical vulnerability (CVE-2023-40547) in the shim bootloader used by nearly all Linux distributions could allow for remote code execution and Secure Boot bypass. This flaw, discovered by Bill Demirkapi, could be exploited to achieve a Man-in-the-Middle attack and compromise the system before the kernel is loaded. Five other vulnerabilities were also fixed in shim version 15.8, including out-of-bounds reads and buffer overflows. Firmware security firm Eclypsium warned that exploiting this vulnerability grants the attacker privileged access and the ability to circumvent kernel and operating system controls.