PKfail: An AMI Platform Key discovered on GitHub led researchers to uncover test keys in firmware images from major PC and server vendors, something hackers could exploit if leaked to gain kernel ...
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware.
WTF?! If you thought your laptop, desktop, or server was protected by Secure Boot, think again. A new vulnerability dubbed "PKfail" has left Secure Boot wide open on hundreds of PC and devices across ...
A supply chain failure that compromises Secure Boot protections on computing devices from across the device-making industry extends to a much larger number of models than previously known, including ...
Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit ...
ESET researchers discovered 11 vulnerable UEFI shim bootloaders signed by Microsoft that allow attackers to bypass UEFI ...
The clock is ticking for Windows and Linux users to update cryptographic keys that protect their systems against firmware-based UEFI infections, a pernicious form of malware that loads before ...
Microsoft has launched a critical "generational refresh" of Secure Boot certificates to replace aging security keys that are nearing their end-of-life. This move is essential for maintaining the ...
A cyber security research firm has published a shocking report outlining how the Secure Boot feature found on UEFI motherboards was compromised almost two years ago due to its passcode being leaked.
Eleven old Microsoft-signed UEFI shims could let admin-level attackers bypass Secure Boot and run code before the operating system loads ...
Certificate Expiration: The KEK CA 2011 certificate expired on June 24, 2026, stopping unpatched systems from receiving new Secure Boot revocations. Trust Chain Preservation: The update replaces 2011 ...