Bleeping Computer

Critical flaw in Shim bootloader impacts major Linux distros

A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms. Shim is ...
CSOonline

Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers

Operating system maintainers, computer manufacturers, security and virtualization software vendors have worked together over the past few months to coordinate a unified response to a vulnerability ...
Ars Technica

Critical vulnerability affecting most Linux distros allows for bootkits

Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to ...
Bleeping Computer

Microsoft confirms August updates break Linux boot in dual-boot systems

Microsoft has confirmed the August 2024 Windows security updates are causing Linux booting issues on dual-boot systems with Secure Boot enabled. The issue is caused by a Secure Boot Advanced Targeting ...
Hackaday

This Week In Security: Broken Shims, LassPass, And Toothbrushes?

Linux has a shim problem. Which naturally leads to a reasonable question: What’s a shim, and why do we need it? The answer: Making Linux work wit Secure Boot, and an unintended quirk of the GPLv3.
Ars Technica

Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.

Researchers have unearthed two publicly available exploits that completely evade protections offered by Secure Boot, the industry-wide mechanism for ensuring devices load only secure operating system ...
TechSpot

Microsoft security update breaks dual-boot Linux systems using Secure Boot

Facepalm: Microsoft recently released its latest batch of monthly security updates for Windows and other software products. However, a bug fix designed to address a Secure Boot vulnerability ...