Nearly 300 MSI motherboards will run any code in Secure Boot, no questions asked 'I believe they made this change deliberately' claims researcher
The Secure Boot process on almost 300 different PC motherboard models manufactured by Micro-Star International (MSI) isn't secure, which is particularly problematic when "Secure" is part of the process description.
Dawid Potocki, an open source security researcher and student based in New Zealand, found last month that some MSI motherboards with certain firmware versions allow arbitrary binaries to boot despite Secure Boot policy violations.
Secure Boot is a PC security standard intended to ensure that devices boot only software trusted by the maker of the hardware. The device firmware is supposed to check the cryptographic signature of each piece of boot software, including UEFI firmware drivers, EFI applications, and the operating system. That's the theory, anyway.
Nearly 300 MSI motherboards will run any code in Secure Boot
The Register
Post Comment