By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
AdkhabarAdkhabarAdkhabar
Notification Show More
Font ResizerAa
  • Home
  • Automobile
  • Entertainment
  • Esports
  • Food
  • Health
  • Life Style
  • News
  • Technology
  • Travel
Reading: ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot
Share
Font ResizerAa
AdkhabarAdkhabar
  • Home
  • Automobile
  • Entertainment
  • Esports
  • Food
  • Health
  • Life Style
  • News
  • Technology
  • Travel
Search
  • Home
  • Automobile
  • Entertainment
  • Esports
  • Food
  • Health
  • Life Style
  • News
  • Technology
  • Travel
Follow US
Adkhabar > Blog > Technology > ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot
ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot
Technology

ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot

GlobeNews Wire
Last updated: 14/07/2026 2:43 PM
GlobeNews Wire
Published: 14/07/2026
Share
SHARE
  • ESET researchers discovered 11 old, Microsoft-signed, UEFI applications that allow bypassing UEFI Secure Boot on the majority of UEFI-based systems.
  • An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware.
  • Exploitation is not limited to systems with the affected software or Operation system (OS) installed, as attackers can bring their own copy of the vulnerable binaries to any UEFI system with the Microsoft third-party UEFI certificate enrolled.
  • All UEFI systems with Microsoft third-party UEFI signing enabled are affected (Windows 11 Secured-core PCs are expected to have this option disabled by default).
  • The vulnerable binaries were revoked by Microsoft.

BRATISLAVA, Slovakia, July 14, 2026 (GLOBE NEWSWIRE) — ESET researchers discovered 11 vulnerable UEFI shim bootloaders signed by Microsoft that allow attackers to bypass UEFI Secure Boot by exploiting decade-old vulnerabilities. UEFI shim bootloaders are tiny bits of code designed to bridge the gap between motherboard UEFI firmware and an operating system. The vulnerable shims, at versions 0.9 and below, can be used to bypass UEFI Secure Boot on any UEFI-based machine that trusts the Microsoft Corporation UEFI CA 2011 third-party UEFI certificate authority (CA) certificate, regardless of the installed operating system. Reported shims can be exploited to execute untrusted code during system boot, enabling attackers to deploy malicious UEFI bootkits even on systems with UEFI Secure Boot enabled. ESET reported findings to CERT/CC; the vulnerable UEFI applications were then revoked.

The discovered shims come from various tools or software packages, including PC-diagnostic software, Linux distributions, and other UEFI-based utilities. Importantly, exploitation is not limited to systems with the affected software or OS installed, as attackers can bring their own copy of the vulnerable shims to any UEFI system with the Microsoft third-party UEFI certificate enrolled.

“What makes these old shims dangerous is not a novel vulnerability; it’s that no new vulnerability is needed to bypass UEFI Secure Boot. An attacker needs no complicated exploitation primitives — only a copy of an old, still-trusted but unrevoked shim binary and a basic understanding of how UEFI shims work. That is enough to bypass such an essential security feature as UEFI Secure Boot,” says ESET researcher Martin Smolár, who discovered the vulnerable shims.

“To help readers understand the impact that such vulnerable shims can have on UEFI Secure Boot-protected systems, the report examines a few specific issues in the reported shims — issues that are easily exploitable and that highlight the breadth of the attack surface they expose,” adds Smolár.

Over the years, the UEFI shim bootloader has naturally evolved, with new improvements and security features introduced in successive releases of the upstream UEFI shim repository. At the same time, many third-party vendors have taken available versions of the shim source code to build their own binaries, which they subsequently submitted to Microsoft for signing. This behavior is expected and aligns with the original design of shims. However, insufficient attention has been given to revoking outdated Microsoft-signed shims, many of which can, by design, be leveraged to bypass newer security mechanisms.

These vulnerable shims can be blocked by applying the latest UEFI revocations from Microsoft. Windows systems should be updated automatically. For Linux systems, updates should be available through the Linux Vendor Firmware Service. For more general recommendations regarding how to protect against (or at least detect) exploitation of unknown vulnerable signed UEFI bootloaders and deployment of UEFI bootkits, see the ESET Research blog post “Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344.”

For more details about the vulnerable UEFI shims, check out the ESET Research blog post “Forgotten UEFI shims undermining Secure Boot,” on WeLiveSecurity.com. Make sure to follow ESET Research on Twitter (today known as X), BlueSky, and Mastodon for the latest news from ESET Research.

About ESET

ESET® provides cutting-edge cybersecurity to prevent attacks before they happen. By combining the power of AI and human expertise, ESET stays ahead of emerging global cyberthreats, both known and unknown — securing businesses, critical infrastructure, and individuals. Whether it’s endpoint, cloud, or mobile protection, our AI-native, cloud-first solutions and services remain highly effective and easy to use. ESET technology includes robust detection and response, ultra-secure encryption, and multifactor authentication. With 24/7 real-time defense and strong local support, we keep users safe and businesses running without interruption. The ever-evolving digital landscape demands a progressive approach to security: ESET is committed to world-class research and powerful threat intelligence, backed by R&D centers and a strong global partner network. For more information, visit www.eset.com or follow our social media, podcasts, and blogs.



GOKO M6: An AI-Powered 4WD Robotic Mower Built for Large Lawns, Steep Slopes, and Tough Terrain
FastBots Launches Groundbreaking Hybrid AI and Live Chat Feature to Transform Customer Support Operations
Folks Unveils Survey Revealing 70% of HR Time in Canadian SMBs Spent on Administrative Tasks
Jet.AI Stockholder Votes Exceed Majority Threshold for flyExclusive Transaction
Constellation Software Inc. Announces Results of Voting for Directors at Annual General Shareholders Meeting
Share This Article
Facebook Email Print
- Advertisement -

Follow US

Find US on Social Medias
FacebookLike
XFollow
YoutubeSubscribe

Weekly Newsletter

Subscribe to our newsletter to get our newest articles instantly!
Popular News
IBM Launches Enterprise Advantage Service to Help Businesses Scale Agentic AI
News

IBM Launches Enterprise Advantage Service to Help Businesses Scale Agentic AI

20/01/2026
EICMA 2025, THE 82ND EDITION IS A TRIBUTE TO PASSION
New site in Lommel, Belgium: Aqua free successfully completes set-up phase with ISO 9001 certification
Yoolax Announces a Milestone 2025 of Growth, Smart Innovation, and Customer Trust
Infineon wins patent infringement case against Innoscience
- Advertisement -
- Advertisement -
- Advertisement -

Categories

  • Automobile
  • Entertainment
  • E-Sports
  • Food
  • Health
  • Technology
  • LifeStyle
  • Travel

About Us

Through our news networks, we raise millions of users' awareness. We are among the world's most reputable news networks.
Quick Link
Top Categories
  • Entertainment

Subscribe US

Subscribe to our newsletter to get our newest articles instantly!

AdkhabarAdkhabar
Copyright © 2021 - 2025 AdKhabar. All Rights Reserved. POWERED BY Life Care News.
Join Us!
Subscribe to our newsletter and never miss our latest news, podcasts etc..
Zero spam, Unsubscribe at any time.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?