Acer fixes UEFI bugs that can be used to disable Secure Boot
Security News, November 2022
Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.
Attackers who already hold high privileges on the machine can abuse it in a low-complexity attack that requires no user interaction: by modifying the BootOrderSecureBootDisable NVRAM variable they can alter the UEFI Secure Boot settings and disable Secure Boot.
"Researchers have identified a vulnerability that may allow changes to Secure Boot settings by creating NVRAM variables," Acer said.
After exploiting the vulnerability on affected Acer laptops and turning off Secure Boot, threat actors can hijack the OS loading process and load unsigned bootloaders to bypass or disable protections and deploy malicious payloads with system privileges.
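A defender-side check for the condition described above, written as an added example (not code from the article or from Acer): it parses a snapshot of Linux efivarfs entries, reads the standard SecureBoot variable, and flags any variable named BootOrderSecureBootDisable. The efivarfs path and 4-byte attribute header are the standard Linux layout; the vendor GUID Acer uses for the variable is not given in the article, so the match is on the name alone and the sample GUID is a placeholder.

```python
"""Audit an efivars snapshot for the Secure Boot disable variable described above.
Assumes the Linux efivarfs layout (<Name>-<GUID> files with a 4-byte attribute
header); the article gives no vendor GUID, so the check matches on the name alone."""
import re
from pathlib import Path

EFIVARS = Path("/sys/firmware/efi/efivars")
EFI_GLOBAL_VARIABLE = "8be4df61-93ca-11d2-aa0d-00e098032b8c"  # UEFI spec GUID
SUSPECT_VAR = "BootOrderSecureBootDisable"                    # named in the article
VAR_RE = re.compile(
    r"^(?P<name>.+)-(?P<guid>[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})$", re.I)

def parse_efivar(filename, raw):
    """Split 'Name-GUID' and peel off the attribute header efivarfs prepends."""
    m = VAR_RE.match(filename)
    if m is None or len(raw) < 4:
        return None
    attrs = int.from_bytes(raw[:4], "little")
    return m["name"], m["guid"].lower(), attrs, raw[4:]

def audit(snapshot):
    """snapshot maps efivarfs filename -> file bytes; returns audit findings."""
    findings = {"secure_boot_enabled": None, "suspect_vars": []}
    for fname, raw in snapshot.items():
        parsed = parse_efivar(fname, raw)
        if parsed is None:
            continue
        name, guid, attrs, data = parsed
        if name == "SecureBoot" and guid == EFI_GLOBAL_VARIABLE and data:
            findings["secure_boot_enabled"] = data[0] == 1
        if name == SUSPECT_VAR:
            findings["suspect_vars"].append(
                {"guid": guid, "attrs": attrs, "value": data.hex()})
    # The variable takes effect at the next boot, so SecureBoot can still read 1
    # in the running session; the variable's presence is the indicator to alert on.
    findings["at_risk"] = bool(findings["suspect_vars"])
    return findings

def read_snapshot(efivars=EFIVARS):
    """Snapshot a live efivarfs mount (typically needs root)."""
    return {p.name: p.read_bytes() for p in efivars.iterdir() if p.is_file()}

# Constructed sample: Secure Boot still reports enabled, but the disable variable
# has been written (NV|BS|RT attributes = 7). The GUID here is a placeholder.
SAMPLE = {
    "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c": bytes([6, 0, 0, 0, 1]),
    "BootOrderSecureBootDisable-00000000-0000-0000-0000-000000000000": bytes([7, 0, 0, 0, 1]),
}
```

On a live system, `audit(read_snapshot())` performs the same check against the real efivarfs mount; a hit with `secure_boot_enabled` still True means the change has been staged but not yet taken effect.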
Lenovo patched similar bugs found by ESET researchers in multiple ThinkBook, IdeaPad, and Yoga laptop models earlier this month that could allow attackers to deactivate UEFI Secure Boot.
In Lenovo's case, the issue was caused by the company's developers shipping an early development driver in production firmware, which could change Secure Boot settings from the OS. In January, ESET found three other UEFI firmware flaws that could enable attackers to hijack the startup routine on more than 70 Lenovo device models running Windows.