Nov 28, 2022

Acer fixes UEFI bugs that can be used to disable Secure Boot

Posted by in category: cybercrime/malcode

Acer has fixed a high-severity vulnerability affecting multiple laptop models that could enable local attackers to deactivate UEFI Secure Boot on targeted systems.

The Secure Boot security feature blocks untrusted operating systems bootloaders on computers with a Trusted Platform Module (TPM) chip and Unified Extensible Firmware Interface (UEFI) firmware to prevent malicious code like rootkits and bootkits from loading during the startup process.

Reported by ESET malware researcher Martin Smolar, the security flaw (CVE-2022–4020) was discovered in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices.

Comments are closed.