MSI Board Owners: Check Your UEFI Secure Boot Settings!

P

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Content source
https://www.bleepingcomputer.com/news/security/msi-accidentally-breaks-secure-boot-for-hundreds-of-motherboards/
Potocki claims that MSI's firmware update version' 7C02v3C,' released on January 18, 2022, changed a default Secure Boot setting on MSI motherboards so that the system will boot even if it detects security violations.

"I decided to setup Secure Boot on my new desktop with the help of sbctl. Unfortunately, I have found that my firmware was accepting every OS image I gave it, no matter if it was trusted or not," explains the researcher in his writeup.

"As I have later discovered on 2022-12-16, it wasn't just broken firmware; MSI had changed their Secure Boot defaults to allow booting on security violations(!!)."
Click to expand...

Potocki explains that users should set the Execution Policy to "Deny Execute" for "Removable Media" and "Fixed Media," which should only allow signed software to boot.
Click to expand...

A complete list of the over 290 motherboards affected by this insecure setting is available on GitHub.
Click to expand...

Personal note: Windows users w/certain MSI boards who can't update to 11 might be esp. interested. According to the Bleeping article, MSI has not yet responded with an answer on how it plans to address this issue.
 
  • Wow
  • +Reputation
  • Like
Reactions: SeriousHoax, Divine_Barakah, Freki123 and 9 others
P

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Zero Knowledge said:
Dissapointed but software has always been MSI's downfall
Click to expand...

Interesting. Very recently, the developer of MSI Afterburner (for those who don't know, it's a gpu tuning software) claimed that program was "semi-abandoned" and may be "reaching end-of-life." The reason? MSI has been unable (they claim) to forward his payments due to the Ukraine invasion.

They say they're currently "looking into it." But I cannot blame the dev--he wants his pay just like anybody. But after this revelation, it's prob. no coincidence AFB was on the list for malicious hijacking (like OBS and some others).

Wow. 🤔
 
  • Like
  • Wow
Reactions: SeriousHoax, Divine_Barakah, Stopspying and 4 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
MSI will be rolling out new BIOS files for motherboards with ”Deny Execute” as the default setting for higher security levels.
Click to expand...

MSI USA

Welcome to the MSI USA website. MSI designs and creates Mainboard, AIO, Graphics card, Notebook, Netbook, Tablet PC, Consumer electronics, Communication, Barebone, Server, industrial computing, Multimedia, Clean Machine and Car Infotainment.
us.msi.com us.msi.com
 
  • +Reputation
  • Like
Reactions: Gandalf_The_Grey, harlan4096 and plat
You must log in or register to reply here.

Similar threads

Brahman
    • Like
    • Wow
    • +Reputation
Security News Secure Boot is completely broken on 200+ models from 5 big device makers
Replies
0
Views
2,407
Security News
Brahman
Brahman
nicolaasjan
    • Like
    • Thanks
    • Wow
Security News "Something has gone seriously wrong," dual-boot systems warn after Microsoft update
Replies
10
Views
2,355
Security News
Victor M
Victor M
Gandalf_The_Grey
    • +Reputation
    • Wow
    • Like
Money Message ransomware gang claims MSI breach, demands $4 million
Replies
4
Views
2,655
News Archive
vtqhtr413
vtqhtr413

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top