[Nulled] » Information security » For more than a year, the secure boot feature on MSI motherboards had a vulnerability
January 23 2023

For more than a year, the secure boot feature on MSI motherboards had

For more than a year, the secure boot feature on MSI motherboards had a vulnerability and allowed malicious code to run.

The error was discovered by David Potocki, a researcher from Poland, who repeatedly made attempts to contact the developer and did not receive a response.

As it turned out, more than 290 Intel and AMD-based MSI motherboards with the latest firmware version are affected by a problem in the default UEFI secure boot settings, which allow you to run any OS image regardless of whether it has an incorrect or completely missing signature.

Secure Boot is a feature built into the firmware of UEFI motherboards that ensures that only trusted (signed) software can be executed during the boot process.

To check the security of boot loaders, OS kernels and other important system components, the function uses a PKI (public key infrastructure), which authenticates the software and determines the reliability at each boot.

The security system is designed to prevent UEFI bootkits/rootkits from running on the computer and to warn users about OS changes.

The researcher found out that the updated version of the MSI 7C02v3C firmware, released on January 18, 2022, included changes to the default secure boot settings on MSI motherboards so that the system will boot even if it detects security breaches.

The "image execution policy" parameter in the firmware has changed to the default value "always execute", which allowed any image to boot the device in normal mode.

The researcher explained that in order to eliminate the threat, users need to set the execution policy to "prohibit execution" for "removable media" and "fixed media", which will allow downloading only signed software.

At the same time, according to the researcher, MSI never documented this maneuver, so he had to track the chronology of the introduction of an unsafe default value using IFR (representation of the internal UEFI form) to extract information about configuration parameters.

The results allowed him to determine which MSI motherboards are vulnerable. The full list includes more than 290 motherboards and is available on GitHub.

Users of the MSI motherboards listed in the list are advised to consult the BIOS settings and make sure that the "image execution policy" parameter is set to a safe value.

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: AdequateSchizo
  • Date of publication: 23 January 2023 12:12
  • Publication category(s): Information security
  • Number of views of the publication: 159
  • Number of comments to the publication: 0

Related News

16 January 2023
Information security
Red Balloon Security

Red Balloon Security researchers have discovered a potentially serious unpatched vulnerability affecting many

Read more
16 January 2023
Information security
Potentially serious UEFI

Potentially serious UEFI firmware vulnerabilities in Qualcomm Snapdragon chips affect many devices manufactured by

Read more
16 January 2023
Information security
The first January ICS

The first January ICS fixes came up with a dozen security recommendations from Siemens and Schneider Electric,

Read more
16 January 2023
Information security
Microsoft, as usual,

Microsoft, as usual, quietly fixed an important security vulnerability in the Azure service (ACS) after

Read more
16 January 2023
Information security
Well, hello in 2023!

Well, hello in 2023! It's time to get down to business again! The year has just begun, and a lot of events have

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +4 Total articles 6751
  • +19 Comments 4235
  • +25 Users : 6069