Latest news with #SecureBoot

Windows 11 flaw lets hackers bypass Secure Boot protections

Fox News

11-07-2025

Microsoft hasn't received much love for Windows 11, with many users still reluctant to ditch Windows 10 even four years after the newer OS launched. The main reasons include Microsoft's constant push to use its own services, strict hardware requirements and questionable interface changes. But if you're looking for yet another reason to dislike Windows 11, security researchers recently uncovered a critical vulnerability affecting Secure Boot. This feature is supposed to prevent malware from loading during startup. Now, hackers can bypass that protection and silently infect systems. The flaw allows attackers to disable Secure Boot on nearly any modern Windows PC or server, leaving even fully updated devices open to stealthy, undetectable malware.

The vulnerability, tracked as CVE-2025-3052, was discovered by firmware security firm Binarly. They found that a legitimate BIOS update tool signed by Microsoft could be abused to tamper with the Windows boot process. Once exploited, the flaw allows attackers to shut off Secure Boot entirely. In the wrong hands, this vulnerability could lead to a new generation of malware. These threats could bypass even the most advanced antivirus or detection software.

At the center of the issue is a BIOS-flashing utility built for rugged tablets. Microsoft signed it using its UEFI CA 2011 certificate. Because that certificate is trusted on nearly every Secure Boot-enabled system, the tool can run without raising alarms. The danger lies in how the tool handles a specific NVRAM variable. Binarly's researchers found that it reads this variable blindly, without checking what's inside. That small oversight opens the door to a serious exploit.

In a demonstration, Binarly used a proof-of-concept attack to change this variable's value. By setting it to zero, they were able to overwrite a global setting critical to enforcing Secure Boot. That action completely disabled Secure Boot protections. Once that happens, unsigned UEFI modules can run freely. Attackers can then install stealthy, low-level malware known as bootkits, malware that operates below the Windows operating system itself. For hackers, this method offers the ultimate persistence.

Binarly reported the flaw to CERT/CC in February 2025. At first, it appeared to affect only a single module. But Microsoft's deeper investigation uncovered a bigger problem. The same vulnerability affected 14 modules signed with the same trusted certificate. Microsoft responded in June 2025 by revoking the cryptographic hashes of all 14 affected modules. These hashes were added to the Secure Boot revocation list, known as the dbx. This prevents the modules from running during startup. However, this protection is not automatic. Unless users or organizations manually apply the updated dbx, their systems remain vulnerable, even with other patches installed.

Binarly revealed that the vulnerable tool had been online since late 2022. Someone uploaded it to VirusTotal in 2024, but it went unnoticed for months. At this point, it's unclear whether any attackers have used it in the wild. We reached out to Microsoft for comment but did not receive a response before our deadline.

Protecting your PC doesn't have to be complicated. Just follow these simple steps to keep hackers at bay and your information safe.

1. Keep your computer updated: Software updates aren't just about new features. They fix serious security issues. In this case, Microsoft has already released a fix for the Secure Boot vulnerability, but it only works if your system is fully updated. Just head to your settings, open Windows Update, and make sure everything is installed. A lot of people delay updates for weeks, but these patches are the first line of defense against threats like this.

2. Don't install tools you don't fully understand: It might be tempting to download apps that claim to speed up your computer or fix problems, especially ones recommended in YouTube videos or tech forums. But that's exactly how a lot of threats sneak in. This particular vulnerability came from a legitimate-looking tool that was misused. So, if you're not sure what something does or if it asks for permission to change how your system boots up, skip it. Or ask someone who knows more, before you click anything.

3. Use strong antivirus software and leave it running: Even though this new threat targets something deep inside the system, having strong antivirus protection still helps catch related malware. If you're on Windows, Defender is already built in and does a decent job. But if you don't want to rely on Windows' built-in tools, use a third-party antivirus.

4. Restart your computer every now and then: This one sounds basic, but it matters. A lot of updates don't fully apply until after a restart. If you keep putting your computer to sleep or hibernating it for days at a time, your system might still be stuck in an unsafe state. Try to restart it at least every couple of days, or whenever an update asks for it.

5. Don't ignore warnings from Windows or your antivirus: If something pops up telling you a file looks dangerous or that an update is needed, pay attention. It's easy to get into the habit of closing these messages without reading them, but that's how problems get missed. If a warning looks confusing or too technical, take a screenshot or a photo, and ask someone for help. The important thing is not to ignore it and move on.

6. Remove your personal data from people-search sites: Even if hackers don't directly target you through the Secure Boot flaw, many cyberattacks begin by gathering personal information that's easily found online. This can include your full name, address, phone number and even the names of your relatives. Data broker websites collect and publish this information without your consent, putting you at greater risk. Using a personal data removal service helps you reduce your online exposure and make it harder for bad actors to target you. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap - and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Secure Boot is supposed to be a final safeguard, a last barrier that ensures only verified code can load when a device starts. But this vulnerability shows how easily that trust can be broken. If a single signed utility can disable the entire system's protection, then the foundation of device security starts to look worryingly thin.

Microsoft Windows Secure Boot Bypass Confirmed — Update Now

Forbes

11-06-2025

Update now as Windows Secure Boot bypass confirmed.

The second Tuesday of every month is always a busy one for users of the Microsoft Windows operating system, for it is then when the monthly security rollout happens. Truth be told, Patch Tuesday is less important than Exploit Wednesday; now, threat actors are aware of the confirmed vulnerabilities, and the race is on between attackers and those who would defend against them. We've already seen reports of a zero-day threat to all Windows users, where the attacks started some months ago, and while there are no known exploits of CVE-2025-3052 in the wild, that's no reason to take it any less seriously. Why so? Because this is a Secure Boot bypass that could open up your system to further attacks and compromise.

I always get a bit jittery whenever I hear of a new vulnerability that can enable a bypass of the Windows Secure Boot protections. I don't really need to explain why, do I? Suffice to say, Secure Boot is what stops your Windows device from loading insecure operating system images during boot-up. You know, the kind of backdoors that cybercriminals and surveillance states would just love to drop in there. Anyhoo. Please excuse my jitters, then, as I reveal that security researchers at Binarly Research managed to uncover just such a vulnerability impacting the Secure Boot process.

Classified by the Common Vulnerabilities and Exposures database as CVE-2025-3052, this one's a doozy: it is capable of turning the protections off and allowing malware to be installed on your Windows PCs and servers. CVE-2025-3052 would appear to impact most devices that support the Unified Extensible Firmware Interface. It is a memory corruption issue that sits within a module signed with Microsoft's third-party UEFI certificate and can be exploited to run unsigned code during the boot process. 'Because the attacker's code executes before the operating system even loads,' the Binarly Research report said, 'it opens the door for attackers to install bootkits and undermine OS-level security defenses.'

Major Windows Secure Boot flaw can be used by hackers to install bootkit malware — update your PC right now

Tom's Guide

10-06-2025

Sometimes the features designed to keep our computers safe can put us most at risk thanks to a worrying security flaw that can be exploited by hackers in their attacks. As reported by BleepingComputer, a new Secure Boot bypass (tracked as CVE-2025-3052) was recently discovered that can be used to disable Windows 11's built-in security measures to install bootkit malware.

Unlike your typical Windows malware, bootkit malware targets your computer's boot process, which allows an attacker to gain full control over your operating system before it even loads. To make matters worse, this type of malware is also persistent and can remain on your PC even after you reinstall Windows. Here's everything you need to know about this new Secure Boot flaw and why it's imperative that you update your Windows PC right now to stay safe from any attacks exploiting it.

According to a new blog post, this flaw was discovered by Binarly security researcher Alex Matrosov after he found a BIOS-flashing utility online. Signed with Microsoft's UEFI signing certificate, the utility in question was originally designed for rugged tablets. However, it can run on any of the best Windows laptops or desktops with Secure Boot enabled.

First introduced back in 2012 with the release of Windows 8, Secure Boot was created to protect against bootkit malware by ensuring that only trusted software could load during a PC's startup sequence. Ironically, thanks to this flaw, Secure Boot-enabled PCs are now vulnerable to the very thing this security feature was designed to protect against.

Following an investigation, it was discovered that the vulnerable module in the utility found by Matrosov had been available online since at least the end of 2022, though it wasn't until last year that it was uploaded to the malware detection service VirusTotal.

To show how serious this flaw was, he and the team at Binarly created a proof of concept (PoC) exploit that set the LoadImage function used to enforce Secure Boot to zero, which effectively disabled it. With this feature disabled, an attacker can install bootkit malware that can hide from both Windows and any security software installed on a system.

Back in February of this year, Matrosov disclosed the flaw to Microsoft and a fix for it was created. However, while it worked to address the flaw, the software giant determined that it impacted 13 other modules which then had to be fixed as well.

So how do you protect yourself from malware that starts before Windows even loads and can easily bypass the best antivirus software? Well, by updating your PC with the latest security updates from Microsoft. In June's Patch Tuesday updates, Microsoft has included a fix for this major security flaw along with patches for other recently discovered vulnerabilities. However, the company has also added 14 new hashes to its Secure Boot dbx revocation list. Fortunately for you, this updated dbx file is contained within Microsoft's latest round of Patch Tuesday updates.

While installing the latest Windows updates may seem tedious at times, I highly recommend that you stop and take the time to do so as Microsoft often includes fixes for a variety of different security flaws while also adding new features to its operating system. Given that Patch Tuesday takes place on the second Tuesday of every month, at least you know ahead of time when these very important updates will arrive. This way, you can set aside the time needed to install them or better yet, set your PC to install them automatically.

When dealing with security flaws that can bypass your antivirus software, the best identity theft protection services can help you recover your identity as well as any funds lost to malware or other scams as a result of them. Keep in mind though that for identity theft insurance to pay out, you need to be signed up for one of these services before an attack takes place.

Although this Secure Boot bypass is worrying, it's worth noting that it wasn't exploited by hackers in the wild. Instead, security researchers created an exploit for it in order to show how dangerous this flaw could be if knowledge of it ended up in the wrong hands. Either way, it's a great reminder as to why it's so important to keep your PC (and all of the computers in your household for that matter) up to date.

Red Hat Unveils Cloud-Optimized Red Hat Enterprise Linux

Business Standard

21-05-2025

NewsVoir New Delhi [India], May 21: Red Hat, the world's leading provider of open source solutions, today announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure. Available with the launch of Red Hat Enterprise Linux 10, these cloud-optimized offerings are tailored to specific hyperscaler environments, providing users with pre-tuned, ready-to-run images to more seamlessly build, deploy and manage workloads in the cloud.

In collaboration with AWS, Google Cloud and Microsoft, Red Hat offers a ready-to-use approach for Red Hat Enterprise Linux deployments, facilitating smoother workload migrations, enhancing management and visibility for cloud deployments and delivering built-in security functions. The result is an out-of-the-box Red Hat Enterprise Linux experience that enables organizations to build faster with an optimized Linux platform in the public cloud of their choosing.

These cloud-centric offerings for Red Hat Enterprise Linux provide:

* Optimized performance in the cloud: Pre-configured, specifically-tuned profiles enable organizations to maintain consistency between reboots and modify settings for various subsystems without disrupting workflows.
* Contained drift and accelerated delivery: Image mode for Red Hat Enterprise Linux uses container-native tooling to allow organizations to deploy Red Hat Enterprise Linux as a bootc container image in the cloud, helping to streamline cloud-native application development and IT operations into a single pipeline.
* Enhanced observability and reporting: Built-in telemetry options offer a comprehensive view of organizations' Red Hat Enterprise Linux estate alongside other cloud services for unified visibility within the cloud provider dashboard.
* Improved security from boot to runtime: Image attestation and top-down memory encryption through Secure Boot, Confidential Computing and Confidential Hypervisor provide a streamlined approach to cloud deployments with a stronger security footprint.

Red Hat Enterprise Linux delivers a consistent foundation upon which organizations can standardize and scale, reducing complexity and providing a unified experience across hybrid and multi-cloud environments. By tuning Red Hat Enterprise Linux to meet unique cloud specifications, organizations can speed up application development, simplify management and increase efficiency to scale applications more dynamically while maintaining reliability.

Availability

Cloud-optimized Red Hat Enterprise Linux offerings are now available on AWS, Google Cloud and Microsoft Azure. Organizations can use their existing Red Hat Enterprise Linux subscriptions to migrate to the cloud or purchase pay-as-you-go options from their cloud marketplace of choice. Red Hat Enterprise Linux qualifies for committed spend programs with AWS, Google Cloud and Microsoft Azure, and organizations can also participate in Red Hat's hybrid committed spend program for further procurement flexibility.

Red Hat Summit

Join the Red Hat Summit keynotes to hear the latest from Red Hat executives, customers and partners:

* Modernized infrastructure meets enterprise-ready AI -- Tuesday, May 20, 8-10 a.m. EDT (YouTube)
* Hybrid cloud evolves to deliver enterprise innovation -- Wednesday, May 21, 8-9:30 a.m. EDT (YouTube)

Supporting Quotes

Gunnar Hellekson, Vice President and General Manager, Red Hat Enterprise Linux Business Unit, Red Hat, "Red Hat's collaboration with AWS, Google Cloud and Microsoft mark a significant leap forward in delivering cloud-ready, purpose-built offerings of the world's leading enterprise Linux platform directly into the hands of our customers. By engineering tailored experiences for Red Hat Enterprise Linux in the cloud, we are empowering organizations to accelerate their cloud transformations and deployments, enabling them to more rapidly achieve their business objectives and scale to embrace the next wave of IT innovation."

Manu Parbhakar, Director, Worldwide Business Application Partners, AWS, "AWS customers gain immediate differentiated value from this Red Hat collaboration through performance-optimized Red Hat Enterprise Linux profiles that work harmoniously with our world-class cloud services ecosystem. By combining Red Hat's container-native tooling with AWS's comprehensive security features and observability dashboard, organizations achieve a level of operational efficiency and global scale that simply isn't available elsewhere in the market."

Mark Lohmeyer, Vice President and General Manager, AI & Computing Infrastructure, Google Cloud, "Google Cloud is committed to providing our customers with the flexibility and tools they need to innovate and scale their operations. Red Hat Enterprise Linux for Google Cloud offers our customers a streamlined path to migrate, deploy and scale their workloads faster across the hybrid cloud, all while benefiting from integrated security capabilities and a simplified management experience. This collaboration further empowers organizations to achieve their business goals and accelerate their digital transformation on Google Cloud."

Brendan Burns, Corporate Vice President, Azure Compute at Microsoft, "Microsoft and Red Hat share a commitment to enabling organizations with a more seamless and comprehensive hybrid cloud experience. Red Hat Enterprise Linux for Microsoft Azure offers a powerful solution for organizations to achieve enhanced consistency across environments and more effectively manage usage and costs, helping them unlock greater business value in the cloud."

Red Hat is the open hybrid cloud technology leader, delivering a trusted, consistent, and comprehensive foundation for transformative IT innovation and AI applications. Its portfolio of cloud, developer, AI, Linux, automation, and application platform technologies enables any application, anywhere--from the datacenter to the edge. As the world's leading provider of enterprise open source software solutions, Red Hat invests in open ecosystems and communities to solve tomorrow's IT challenges. Collaborating with partners and customers, Red Hat helps them build, connect, automate, secure, and manage their IT environments, supported by consulting services and award-winning training and certification offerings.

Forward-Looking Statements

Except for the historical information and discussions contained herein, statements contained in this press release may constitute forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements are based on the company's current assumptions regarding future business and financial performance. These statements involve a number of risks, uncertainties and other factors that could cause actual results to differ materially. Any forward-looking statement in this press release speaks only as of the date on which it is made. Except as required by law, the company assumes no obligation to update or revise any forward-looking statements.

