Windows 8 Secure Boot bypass exposed

Security researchers have demonstrated that it is possible for attackers to bypass the Windows 8 Secure Boot mechanism and modify the code for enforcing Secure Boot.

Secure Boot is a feature of the Unified Extensible Firmware Interface (UEFI) specification that allows only trusted software components to be loaded during the boot sequence. The UEFI firmware checks for trusted digital signatures to prevent malware from loading during the boot process.

At the Black Hat hacker conference in Las Vegas earlier this week, security researchers Andrew Furtak, Oleksandr Bazhaniuk and Yuriy Bulygin demonstrated two ways to bypass Secure Boot in order to install a boot rootkit on a target computer.

They said the exploit was possible not because of flaws in Secure Boot itself but because vendors that implemented the UEFI made errors in their implementations.

The first exploit works if vendors do not properly protect their firmware. It is designed to modify the platform key, and it needs to be executed in kernel mode in order to work.

The second exploit runs in user mode. This means that an attacker only needs to gain code execution rights on the system by exploiting a vulnerability in applications such as Adobe Flash, Java or Microsoft Office.

Bulygin said Secure Boot is still a big step forward in computer security since, in order to install bootkits, attackers now need to first identify a vulnerability that would allow them to bypass Secure Boot.

Microsoft said it is now working with partners to “help ensure that secure boot delivers a great security experience for customers.”

Jim Love, Chief Content Officer, IT World Canada
