Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide, including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system.
GRUB2 Bootloader Vulnerability
Discovered by researchers from Eclypsium, BootHole is a buffer overflow vulnerability that affects all versions of GRUB2 and exists in the way it parses content from the config file, which typically is not signed like other files and executables, leaving an opportunity for attackers to break the hardware root of trust mechanism.
Though GRUB2 is the standard bootloader used by most Linux systems, it supports other operating systems, kernels, and hypervisors like XEN as well.
Thus, to exploit the BootHole flaw on Windows systems, attackers can replace the default bootloaders installed on Windows systems with a vulnerable version of GRUB2 to install rootkit malware.
Just installing patches with an updated GRUB2 bootloader would not resolve the issue, because attackers can still replace the device's existing bootloader with the vulnerable version.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/WBdiyKEddek/grub2-bootloader-vulnerability.html