A new update released by MSI has been determined to affect motherboards with Intel and AMD processors. A security researcher has uncovered a major vulnerability in the firmware update that MSI released. It has been found that the update released for MSI motherboards makes Secure Boot useless.
Secure Boot danger on MSI motherboards
According to researcher Dawid Potocki, the update made many of MSI’s motherboards “less secure.” The latest vulnerability to MSI motherboards renders Secure Boot dysfunctional. For those who don’t know, Secure Boot allows a device to boot using only manufacturer-licensed software.
Potocki discovered this problem when he was able to circumvent Secure Boot with his own certificate. He said he signed the Secure Boot process himself, but in turn, the UEFI software boots every operating system regardless of the signature. MSI’s software update eliminated the Secure Boot lock as it was set to “Always Execute” instead of “Deny Execution”. Secure Boot, which does not need signature verification, compromised the computer.
Potocki estimates that the total number of motherboards affected by the issue is over 290 for both Intel and AMD processors. It should be noted that affected users should change the Secure Boot setting to “Deny Execution”. However, MSI has not disclosed the reason why the security feature was turned off.
Customers with MSI motherboards need to make sure they have Secure Boot enabled and configured properly. For this you can check the firmware version and install the latest BIOS update.
So what do you think about this subject? You can share your views with us in the comments section.
9598
