The number of UEFI vulnerabilities discovered in recent years and the failures in patching them or revoking vulnerable binaries within a reasonable time window hasn’t gone unnoticed by threat actors.

When a VirtualBox virtual machine boots directly into the UEFI Interactive Shell, it’s typically because the EFI firmware cannot automatically find a bootable operating system loader. This could be ...

ESET researchers have discovered a vulnerability that allows bypassing UEFI Secure Boot, affecting the majority of UEFI-based systems. This vulnerability, assigned CVE-2024-7344, was found in a UEFI ...

A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. The ...

Researchers on Wednesday announced a major cybersecurity find—the world’s first-known instance of real-world malware that can hijack a computer’s boot process even when Secure Boot and other advanced ...

Following my recent posts concerning my experiences with Unified Extensible Firmware Interface (UEFI) and secure booting, here's a Q&A with Mark Doran, the UEFI forum president. In general I agree ...