Security News > 2023 > January > Nearly 300 MSI motherboards will run any old code in Secure Boot, no questions asked

The Secure Boot process on almost 300 different PC motherboard models manufactured by Micro-Star International isn't secure, which is particularly problematic when "Secure" is part of the process description.

Dawid Potocki, an open source security researcher and student based in New Zealand, found last month that some MSI motherboards with certain firmware versions allow arbitrary binaries to boot despite Secure Boot policy violations.

Secure Boot is a PC security standard intended to ensure that devices boot only software trusted by the maker of the hardware.

"On 2022-12-11, I decided to set up Secure Boot on my new desktop with [the] help of sbctl, ," Potocki explained in a blog post last week.

After finding that the MSI PRO Z790-A WIFI failed to verify binaries, Potocki began looking into other MSI motherboards to see if they had similarly lax settings.

According to Potocki, MSI by default sets "Always execute" on policy violation for everything, making Secure Boot worthless under default settings.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/01/17/msi_motherboards_secure_boot/