MSI accidentally disables Secure Boot on hundreds of its motherboards:
One of the latest MSI UEFI updates accidentally disabled Secure Boot technology on hundreds of its motherboards, reports Bleeping Computer. As a consequence, over 290 motherboards for AMD and Intel processors can run insecure operating systems, which can be harmful.
MSI's firmware update version 7C02v3C released on January 18, 2022, comes with Image Execution Policy set to 'Always Execute' by default, which allows the PC to boot an operating system that lacks proper signature by its developer. This means that a computer can boot an OS that may have been tampered with, which is an insecure policy as the operating system may be infected or have malicious intent.
The discovery was recently made by Polish security researcher named Dawid Potocki. The researcher noted that he contacted MSI, but did not receive any response, which essentially means that so far the motherboard maker has not fixed its Secure Boot.
See article for a list of motherboard models.
(Score: 3, Interesting) by RS3 on Saturday January 21 2023, @07:30PM (1 child)
What I'm not sure about: if you disable "secure boot", will Windows 10 / 11 know and cause problems? Like will it refuse to allow you to install something, or change something, because it "detects an insecure system"??
If it's not doing that now, will MS release a "security patch" to brick computers that didn't "securely boot"??
(Score: 0) by Anonymous Coward on Tuesday January 24 2023, @01:23PM
How does a computer running Windows 10 with this option apply the Windows 11 patches and just keep working? Or does it just allow anything signed by microsoft?
What if I want to make and run my own OS?