It is currently 18-12-2017 04:16

Error in the design of the Windows allows you to bypass the UEFI SecureBoot

Error in the design of the Windows allows you to bypass the UEFI SecureBoot

by sigismund » 2016-08-12 10:25:09


the Attacker has administrator rights or physical access to the device can disable SecureBoot to install any OS or load rootkits.


Microsoft mistakenly declassified private keys mechanism for secure boot SecureBoot, thus providing attackers access to the devices based on Windows, including smartphones and tablets.

Secure Boot (secure boot or secure boot) is one feature of UEFI, which allows to deal with rootkits and buckytube at the preliminary stage of loading the operating system. The Protocol provides protection to the boot environment of the computer from interfering in the boot files by checking signatures of downloaded files on their conformity to white list keys, sewn in UEFI as trusted. One of the consequences of such protection is the inability to install alternative operating system. In some systems and devices like Windows RT and Windows Phone feature SecureBoot cannot be disabled by the user.

Public attention to the vulnerability drew independent researchers MY123 and Slipstream. According to them, attackers with administrator privileges or physical access to the device can not only disable SecureBoot and install any operating system, but also to load rootkits and bootkits. A problem with the secure boot policy used by the SecureBoot.

As noted by the researchers, Microsoft will not be able to withdraw all the leaked keys, potentially leaving a backdoor for the FBI and the NSA, which can be used to unlock devices running Windows appearing in criminal cases.
In July and August, Microsoft released patches MS16-094 and MS16-100, eliminates a security vulnerability in Secure Boot, but the first update was inadequate and incomplete second. It is assumed that the third update will be available in September of this year.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5