Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit ...

A couple of months ago, we reported on the PKfail vulnerability in Secure Boot — a security issue that stems from hardware manufacturers shipping devices with known compromised software. After digging ...

Attackers can bypass the Secure Boot process on millions of Intel and ARM microprocessor-based computing systems from multiple vendors, because they all share a previously leaked cryptographic key ...

Researchers have uncovered "LogoFAIL," a set of critical vulnerabilities present in the Unified Extensible Firmware Interface (UEFI) ecosystem for PCs. Exploitation of the vulnerabilities nullify ...

Microsoft reminds everyone that the initial wave of Secure Boot certificates, dropped in 2011, are due to expire.

Windows systems are heading toward a trust-chain maintenance event that’s easy to overlook until it breaks something. Windows 10 and Windows 11 rely on three security certificates that begin expiring ...

I'm assuming the issue is that some exploit in the last year has resulted in the UEFI being revoked. Can I ignore this warning, turn off secure boot, update Ubuntu, and then turn it back on? Or do I ...

Microsoft is rolling out refreshed Secure Boot certificates across the Windows ecosystem, aiming to replace the original trust anchors that have been in use since 2011. Secure Boot is enforced by UEFI ...

Microsoft this week offered guidance to address a Secure Boot vulnerability in Windows and Linux systems, but it'll likely be a long-term project for IT pros. The issue was identified by Microsoft in ...