Skip to content

Microsoft’s Secure Boot has been broken for a decade and no one noticed until now

8.2 relevance
Score Breakdown
technical depth
9
novelty
9
actionability
8
community
8
strategic
6
personal
7

Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.

Critical Secure Boot vulnerability with long-term security implications; highly actionable for system admins.

AI/ML arstechnica.com
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
Summary

ESET's Martin Smolár discovered 11 unrevoked shims signed by Microsoft, some from 2013, enabling trivial Secure Boot bypass to install persistent bootkits like LoJax and BlackLotus on Windows and Linux. The shims, secondary trust anchors for Linux and third-party software, were never revoked despite known vulnerabilities, undermining UEFI trust until Microsoft's June patch. This decade-long gap requires only an old shim binary and basic understanding to exploit.

Author

Dan Goodin — Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. A journalist with more than 25 years experience, he has been chronicling the...

More from Dan Goodin →