Security News > 2020 > July > Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems
A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide-including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system.
GRUB2 Bootloader Vulnerability Discovered by researchers from Eclypsium, BootHole is a buffer overflow vulnerability that affects all versions of GRUB2 and exists in the way it parses content from the config file, which typically is not signed like other files and executables-leaving an opportunity for attackers to break the hardware root of trust mechanism.
Though GRUB2 is the standard bootloader used by most Linux systems, it supports other operating systems, kernels, and hypervisors like XEN as well.
Thus, to exploit BootHole flaw on Windows systems, attackers can replace the default bootloaders installed on Windows systems with a vulnerable version of GRUB2 to install the rootkit malware.
Just installing patches with updated GRUB2 bootloader would not resolve the issue, because attackers can still replace the device's existing bootloader with the vulnerable version.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/WBdiyKEddek/grub2-bootloader-vulnerability.html
Related news
- PHP fixes critical RCE flaw impacting all versions for Windows (source)
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)
- New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems (source)
- Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday (source)