Security News > 2025 > January > New UEFI Secure Boot flaw exposes systems to bootkits, patch now
2025-01-16 15:05
A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. [...]
News URL
Related news
- ESET researchers analyze first UEFI bootkit for Linux systems (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2024-7344 | Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path. | 0.0 |