Critical Vulnerability: UEFI Secure Boot Bypass Discovered

Popular：

Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Critical Vulnerability: UEFI Secure Boot Bypass Discovered

2025-06-10

Binarly Research has uncovered a critical vulnerability, CVE-2025-3052, affecting most UEFI-enabled devices. This memory corruption vulnerability resides in a module signed with a Microsoft third-party UEFI certificate. Exploitation allows attackers to run unsigned code during boot, bypassing Secure Boot and compromising the system's chain of trust. This enables the installation of bootkits and circumvention of OS-level security. The root cause is unsafe handling of NVRAM variables. Microsoft addressed the issue, impacting 14 modules, with a June 10th patch.

(www.binarly.io)

Tech

130-Mile VTOL Drone Built in 90 Days: From Zero to Hero

AI Boosts Efficiency for US Intelligence Agencies