BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows (Secure Boot Bypass)

Discussion in 'other security issues & news' started by guest, Jul 29, 2020.

  1. guest

    guest Guest

    BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows
    July 29, 2020
    https://www.bleepingcomputer.com/ne...g-lets-hackers-hide-malware-in-linux-windows/
    Eclypsium: There’s a Hole in the Boot
     
  2. guest

    guest Guest

    Billions of Devices Impacted by Secure Boot Bypass
    July 29, 2020
    https://threatpost.com/billions-of-devices-impacted-secure-boot-bypass/157843/
     
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,428
    I noticed that all my Debian Buster systems received NEW Grub 2 updates in the last day or so. I think my systems sit outside this specific attack surface because my boot files are never connected after the first few seconds of booting (removable /boot). You can't store boot file malware in /boot when my USB isn't connected. Also, I wonder since I keep my disks at MBR vs UEFI if that is providing cover as well?

    I will be reading and researching this as a learning experience.
     
  4. guest

    guest Guest

    GRUB2 bootloader is vulnerable to buffer overflow
    Vulnerability Note VU#174059
    July 29, 2020

    https://kb.cert.org/vuls/id/174059
     
  5. guest

    guest Guest

    Companies Respond to 'BootHole' Vulnerability
    July 30, 2020
    https://www.securityweek.com/companies-respond-boothole-vulnerability
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    171,231
    Location:
    Texas
    GNU GRUB2 Vulnerability
     
  7. guest

    guest Guest

    Updates provided by Red Hat for BootHole cause systems to hang
    July 31, 2020
    https://securityaffairs.co/wordpress/106601/security/red-hat-boothole-fix-problems.html
     
  8. longshots

    longshots Registered Member

    Joined:
    Oct 20, 2017
    Posts:
    615
    Location:
    Australia
  9. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,428
    Fixed in Buster weeks ago!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.