ESET researchers have uncovered a vulnerability that, if exploited, would allow bad actors to circumvent UEFI Secure Boot and deploy malicious UEFI bootkits such as Bootkitty or BlackLotus on ...

Why it matters: Discovered in October 2022, BlackLotus is a powerful UEFI-compatible bootkit sold on underground marketplaces at $5,000 per license. The malware provides impressive capabilities, and a ...

Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild. Two teams of researchers have revealed vulnerabilities this week in ...

Microsoft has recently begun replacing expiring Secure Boot certificates on eligible Windows 11 systems running 24H2 and 25H2 ...

Microsoft has started rolling out new Secure Boot certificates that will automatically install on eligible Windows 11 24H2 ...

The vulnerabilities were introduced when Lenovo inadvertently included an early development driver in the commercial versions of their software. Lenovo has released fixes for high-severity bios ...

One of the largest underlying changes to Windows 8 is the long-overdue shift from BIOS to UEFI. UEFI (Unified Extensible Firmware Interface) is superior to BIOS (Basic Input/Output System) in almost ...

The extended security update (ESU) support for Windows 7, alongside that of Windows 8.1, ends today. This means no more security updates, via Patch Tuesdays, will be released, and users will either ...

Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems. The Secure Boot security feature ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

There's a surprising amount of code running before the OS even loads.