Acer fixes UEFI bugs that can be used to disable Secure Boot

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,567
Content source
https://www.bleepingcomputer.com/news/security/acer-fixes-uefi-bugs-that-can-be-used-to-disable-secure-boot/
Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.

The Secure Boot security feature blocks untrusted operating systems bootloaders on computers with a Trusted Platform Module (TPM) chip and Unified Extensible Firmware Interface (UEFI) firmware to prevent malicious code like rootkits and bootkits from loading during the startup process.

Reported by ESET malware researcher Martin Smolar, the security flaw (CVE-2022-4020) was discovered in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices.

Attackers with high privileges can abuse it in low-complexity attacks that require no user interaction to alter UEFI Secure Boot settings by modifying the BootOrderSecureBootDisable NVRAM variable to disable Secure Boot.

"Researchers have identified a vulnerability that may allow changes to Secure Boot settings by creating NVRAM variables (actual value of the variable is not important, only the existence is checked by the affected firmware drivers)," Acer said.

After exploiting the vulnerability on affected Acer laptops and turning off Secure Boot, threat actors can hijack the OS loading process and load unsigned bootloaders to bypass or disable protections and deploy malicious payloads with system privileges.
Click to expand...
"Acer recommends updating your BIOS to the latest version to resolve this issue. This update will be included as a critical Windows update," the company added.

Alternatively, customers can download the BIOS update from the company's support website and deploy it manually on affected systems.
Click to expand...
www.bleepingcomputer.com

Acer fixes UEFI bugs that can be used to disable Secure Boot

Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: silversurfer, Viking, Nevi and 3 others
You must log in or register to reply here.

Similar threads

[correlate]
    • Like
The stack buffer overflow vulnerability leads to arbitrary code execution in UEFI application on multiple HP devices.
Replies
0
Views
1,246
News Archive
[correlate]
[correlate]
CyberTech
    • Like
    • +Reputation
Security News LogoFAIL bugs in UEFI code allow planting bootkits via images
Replies
2
Views
1,825
Security News
Andy Ful
Andy Ful
silversurfer
    • Like
    • +Reputation
    • Sad
  • Locked
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
Replies
20
Views
2,195
News Archive
simmerskool
simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top