It may affect a wide range of devices, including servers, workstations, desktops, laptops, IoT systems, and more, running Windows and Linux.

The researchers say that BootHole is a buffer overflow vulnerability that affects all GRUB2 versions. It lies in the way GRUB2 parses content from a configuration file. This file is not signed the way other executables and files are.

Consequently, it gives cybercriminals a way to undermine the hardware root of trust mechanism.

Through the buffer overflow, attackers can execute arbitrary code inside the UEFI environment. From there, they could run malware, patch the operating system kernel directly, alter the boot process, or carry out other malicious activities.

The vulnerability is high risk and is dubbed 'BootHole', tracked as CVE-2020-10713. It currently resides in the GRUB2 bootloader. If cybercriminals manage to exploit it, it could allow them to bypass the Secure Boot feature. In addition, the attackers could gain stealthy, persistent access to the target systems.


BootHole Bug challenges Windows and Linux systems 