33.2 C
Jaipur
Monday, October 19, 2020

BootHole Vulnerability Affects Millions of Windows and Linux Systems

Must read

Oppo TV S1, TV R1 Series, Watch RX, Enco X TWS Earbuds Launched in China

At its much-awaited IoT event in China, Oppo took the wraps off its much-anticipated smart TV lineup. It is the Chinese giant’s first intervention...

Vi Launches Weekend Data Rollover Offer for Prepaid Customers

Vi (previously Vodafone Idea) has added a weekend data rollover scheme for prepaid users. If you’re a Vi customer, you can now make use...

SpaceX Launches 60 New Starlink Internet Satellites Into Orbit

As part of Elon Musk‘s plans to offer satellite internet services, SpaceX on Sunday successfully launched 60 Starlink 13 mission satellites into orbit. The...

How to Turn Off All Sensors on Android Smartphone

Our Android smartphones are packed with sensors that bring awesome features like navigation, automatic screen lock, playing racing games without using on-screen buttons, and...

Security researchers uncovered a new vulnerability dubbed “BootHole” present in the GRUB2 bootloader utilized by Windows and Linux systems.

Attackers can exploit this vulnerability to install a stealthy malware that gives total control of the victim machine.

“The vulnerability affects systems using Secure Boot, even if they are not using GRUB2. Almost all signed versions of GRUB2 are vulnerable, meaning virtually every Linux distribution is affected,” Eclypisum said.

GRUB2 is the replacement of GRUB(Grand Unified Bootloader) Legacy boot loader, it functions to take over from BIOS at boot time, load itself, load the Linux kernel into memory, and then turn over execution to the kernel.

According to the detailed report shared with GBHackers On Security, the flaw affects a majority of laptops, desktops, servers, and workstations that are affected, as well as network appliances and other special-purpose equipment used in industrial, healthcare, financial, and other industries.

BootHole – Buffer Overflow Vulnerability

Researchers identified a buffer overflow vulnerability in the way that GRUB2 parses content from the GRUB2 config file(grub.cfg).

The config file also not signed, the vulnerability allows attackers to enable arbitrary code execution within GRUB2 and to gain control over the operating system.

It also allows an attacker to escalate privileges and persistence on the device, even with Secure Boot enabled.

The vulnerability can be tracked as CVE-2020-10713 and received a CVSS rating of 8.2. By exploiting the Boot Hole vulnerability attackers can install persistent and stealthy boot kits or malicious bootloaders that operate even when Secure Boot is enabled and functioning correctly.

“In addition to Linux systems, any system that uses Secure Boot with the standard Microsoft UEFI CA is vulnerable to this issue.”

Researchers believe that majority of modern systems in use today, including servers and workstations, laptops and desktops, and a large number of Linux-based OT and IoT systems are affected by the vulnerability.

Mitigations

Researchers said that full mitigation of this issue will require coordinated efforts of Microsoft, open-source projects, and owners of affected systems.

“However, the full deployment of this revocation process will likely be very slow. UEFI-related updates have had a history of making devices unusable, and vendors will need to be very cautious,” researchers said.

Following are the list of advisories released by the vendors;

Researchers recommended monitoring the contents of the bootloader partition (EFI system partition) and to continue installing OS updates as usual across desktops, laptops, servers, and appliances.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Oppo TV S1, TV R1 Series, Watch RX, Enco X TWS Earbuds Launched in China

At its much-awaited IoT event in China, Oppo took the wraps off its much-anticipated smart TV lineup. It is the Chinese giant’s first intervention...

Vi Launches Weekend Data Rollover Offer for Prepaid Customers

Vi (previously Vodafone Idea) has added a weekend data rollover scheme for prepaid users. If you’re a Vi customer, you can now make use...

SpaceX Launches 60 New Starlink Internet Satellites Into Orbit

As part of Elon Musk‘s plans to offer satellite internet services, SpaceX on Sunday successfully launched 60 Starlink 13 mission satellites into orbit. The...

How to Turn Off All Sensors on Android Smartphone

Our Android smartphones are packed with sensors that bring awesome features like navigation, automatic screen lock, playing racing games without using on-screen buttons, and...

Change CPU Governor And Frequencies On Linux With cpupower-gui (New Release)

cpupower-gui is a tool that makes it easy to change the CPU governor as well as the CPU frequency limits on Linux.Besides changing the...