By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
AdkhabarAdkhabarAdkhabar
Notification Show More
Font ResizerAa
  • Home
  • Automobile
  • Entertainment
  • Esports
  • Food
  • Health
  • Life Style
  • News
  • Technology
  • Travel
Reading: ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot
Share
Font ResizerAa
AdkhabarAdkhabar
  • Home
  • Automobile
  • Entertainment
  • Esports
  • Food
  • Health
  • Life Style
  • News
  • Technology
  • Travel
Search
  • Home
  • Automobile
  • Entertainment
  • Esports
  • Food
  • Health
  • Life Style
  • News
  • Technology
  • Travel
Follow US
Adkhabar > Blog > Technology > ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot
ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot
Technology

ESET Research discovers vulnerable UEFI shims undermining devices Secure Boot

GlobeNews Wire
Last updated: 14/07/2026 2:43 PM
GlobeNews Wire
Published: 14/07/2026
Share
SHARE
  • ESET researchers discovered 11 old, Microsoft-signed, UEFI applications that allow bypassing UEFI Secure Boot on the majority of UEFI-based systems.
  • An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware.
  • Exploitation is not limited to systems with the affected software or Operation system (OS) installed, as attackers can bring their own copy of the vulnerable binaries to any UEFI system with the Microsoft third-party UEFI certificate enrolled.
  • All UEFI systems with Microsoft third-party UEFI signing enabled are affected (Windows 11 Secured-core PCs are expected to have this option disabled by default).
  • The vulnerable binaries were revoked by Microsoft.

BRATISLAVA, Slovakia, July 14, 2026 (GLOBE NEWSWIRE) — ESET researchers discovered 11 vulnerable UEFI shim bootloaders signed by Microsoft that allow attackers to bypass UEFI Secure Boot by exploiting decade-old vulnerabilities. UEFI shim bootloaders are tiny bits of code designed to bridge the gap between motherboard UEFI firmware and an operating system. The vulnerable shims, at versions 0.9 and below, can be used to bypass UEFI Secure Boot on any UEFI-based machine that trusts the Microsoft Corporation UEFI CA 2011 third-party UEFI certificate authority (CA) certificate, regardless of the installed operating system. Reported shims can be exploited to execute untrusted code during system boot, enabling attackers to deploy malicious UEFI bootkits even on systems with UEFI Secure Boot enabled. ESET reported findings to CERT/CC; the vulnerable UEFI applications were then revoked.

The discovered shims come from various tools or software packages, including PC-diagnostic software, Linux distributions, and other UEFI-based utilities. Importantly, exploitation is not limited to systems with the affected software or OS installed, as attackers can bring their own copy of the vulnerable shims to any UEFI system with the Microsoft third-party UEFI certificate enrolled.

“What makes these old shims dangerous is not a novel vulnerability; it’s that no new vulnerability is needed to bypass UEFI Secure Boot. An attacker needs no complicated exploitation primitives — only a copy of an old, still-trusted but unrevoked shim binary and a basic understanding of how UEFI shims work. That is enough to bypass such an essential security feature as UEFI Secure Boot,” says ESET researcher Martin Smolár, who discovered the vulnerable shims.

“To help readers understand the impact that such vulnerable shims can have on UEFI Secure Boot-protected systems, the report examines a few specific issues in the reported shims — issues that are easily exploitable and that highlight the breadth of the attack surface they expose,” adds Smolár.

Over the years, the UEFI shim bootloader has naturally evolved, with new improvements and security features introduced in successive releases of the upstream UEFI shim repository. At the same time, many third-party vendors have taken available versions of the shim source code to build their own binaries, which they subsequently submitted to Microsoft for signing. This behavior is expected and aligns with the original design of shims. However, insufficient attention has been given to revoking outdated Microsoft-signed shims, many of which can, by design, be leveraged to bypass newer security mechanisms.

These vulnerable shims can be blocked by applying the latest UEFI revocations from Microsoft. Windows systems should be updated automatically. For Linux systems, updates should be available through the Linux Vendor Firmware Service. For more general recommendations regarding how to protect against (or at least detect) exploitation of unknown vulnerable signed UEFI bootloaders and deployment of UEFI bootkits, see the ESET Research blog post “Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344.”

For more details about the vulnerable UEFI shims, check out the ESET Research blog post “Forgotten UEFI shims undermining Secure Boot,” on WeLiveSecurity.com. Make sure to follow ESET Research on Twitter (today known as X), BlueSky, and Mastodon for the latest news from ESET Research.

About ESET

ESET® provides cutting-edge cybersecurity to prevent attacks before they happen. By combining the power of AI and human expertise, ESET stays ahead of emerging global cyberthreats, both known and unknown — securing businesses, critical infrastructure, and individuals. Whether it’s endpoint, cloud, or mobile protection, our AI-native, cloud-first solutions and services remain highly effective and easy to use. ESET technology includes robust detection and response, ultra-secure encryption, and multifactor authentication. With 24/7 real-time defense and strong local support, we keep users safe and businesses running without interruption. The ever-evolving digital landscape demands a progressive approach to security: ESET is committed to world-class research and powerful threat intelligence, backed by R&D centers and a strong global partner network. For more information, visit www.eset.com or follow our social media, podcasts, and blogs.



Equipboard Introduces Album- and Track-Level Gear Attribution, Powering a New Era of Music Gear Discovery
Particula Selected To Co-Structure RFP and Provide Independent Ratings for Keel’s $500M Regatta Program
NordVPN confirms 96% phishing detection and a new dedicated server feature
Husky Technologies Announces Leadership Transition in Service Organization
Geotab Surpasses 5 Million Global Connected Vehicle Subscriptions
Share This Article
Facebook Email Print
- Advertisement -

Follow US

Find US on Social Medias
FacebookLike
XFollow
YoutubeSubscribe

Weekly Newsletter

Subscribe to our newsletter to get our newest articles instantly!
Popular News
Chandigarh University in Collaboration with India’s leading Job Portal ‘Apna’ & Investment Firm ‘Venture Catalysts’ Launch ‘Campus Tank’ – India’s First University-Led Startup Launchpad for Young Innovators
News

Chandigarh University in Collaboration with India’s leading Job Portal ‘Apna’ & Investment Firm ‘Venture Catalysts’ Launch ‘Campus Tank’ – India’s First University-Led Startup Launchpad for Young Innovators

16/07/2025
Hexaware Names Srinivasan Panchapakesan Chief Platform Officer
GLOBAL TRANSFORMATION LEADERS JOIN AOKAH ADVISORY BOARD
HTX and AINFT Collaborate to Build New Web3 AI Gateway, Offering Free Access to Leading AI Models and 40,000 USDT Prize Pool
NANOscientific Symposium Series 2025 Concludes Successfully, Marked by a Landmark Celebration of 40 Years of AFM at Stanford
- Advertisement -
- Advertisement -
- Advertisement -

Categories

  • Automobile
  • Entertainment
  • E-Sports
  • Food
  • Health
  • Technology
  • LifeStyle
  • Travel

About Us

Through our news networks, we raise millions of users' awareness. We are among the world's most reputable news networks.
Quick Link
Top Categories
  • Entertainment

Subscribe US

Subscribe to our newsletter to get our newest articles instantly!

AdkhabarAdkhabar
Copyright © 2021 - 2025 AdKhabar. All Rights Reserved. POWERED BY Life Care News.
Join Us!
Subscribe to our newsletter and never miss our latest news, podcasts etc..
Zero spam, Unsubscribe at any time.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?