BootHole patches to be released by tech giants like Microsoft and Red Hat

A recently discovered vulnerability affects and tampers with the boot settings of Windows and other operating systems. The vulnerability, codenamed BootHole, affects components of the Secure Boot process. It allows attackers to damage and modify the boot loading process. It attacks the system through the bootloader, which is responsible for loading the firmware to start the operating system.

The vulnerability is in GRUB 2, one of the most popular and widely used boot components. It is used as a bootloader component in Windows, macOS, and all BSD-based systems, which is why the impact of this vulnerability is widespread.

BootHole was discovered by security researchers from Eclypsium, who have published the details on their blog. The vulnerability allows malicious code to be added during the boot process, which lets attackers plant a bug in the OS and gain full control of the system. The malware resides in a location or memory separate from that of the OS, such as the motherboard's physical memory.

According to the researchers, the malware resides in grub.cfg and tampers with the file to trigger a buffer overflow. It was found to work not only on independent systems but also on servers and workstations, which could turn out to be a big security issue for organizations. It also works on systems and devices with Secure Boot enabled.

However, it was also found that attackers cannot affect the system without admin access to the grub.cfg file. To prevent greater damage to organizations and their remote servers, companies such as Microsoft, Red Hat, Canonical, SUSE, Oracle, VMware, Citrix, etc. are releasing security patches to help avoid this threat. Although issues such as these in the bootloader take time to resolve, the assurance is that the security patches will secure most of the servers and workstations used by companies.
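Because the attack depends on write access to grub.cfg, a defender can audit who is able to modify that file and whether it has changed. The following Python code is an added example, not from the original article or from Eclypsium; the file locations are assumed common Linux paths, and the baseline hashes are assumed to have been recorded from a known-good state.

```python
import glob
import hashlib
import os
import stat

# Assumed common Linux locations for grub.cfg; adjust for the host being audited.
CANDIDATE_GLOBS = [
    "/boot/grub/grub.cfg",
    "/boot/grub2/grub.cfg",
    "/boot/efi/EFI/*/grub.cfg",
]

def sha256_of(path):
    """Hash the file in chunks and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def audit_file(path, baseline=None, trusted_uid=0):
    """Return findings for one grub.cfg; an empty list means nothing to report."""
    findings = []
    st = os.stat(path)
    if st.st_uid != trusted_uid:
        findings.append(f"owner-uid-{st.st_uid}")      # not owned by the admin account
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("group-or-world-writable")      # writable without admin access
    if baseline is None:
        findings.append("no-baseline")                  # config file nobody has recorded
    elif sha256_of(path) != baseline:
        findings.append("hash-mismatch")                # content changed since baseline
    return findings

def audit_host(baselines, globs=CANDIDATE_GLOBS, trusted_uid=0):
    """Audit every grub.cfg matched by globs against {path: sha256} baselines."""
    report = {}
    for pattern in globs:
        for path in sorted(glob.glob(pattern)):
            report[path] = audit_file(path, baselines.get(path), trusted_uid)
    return report

if __name__ == "__main__":
    # Run as root. With no baselines yet, print current hashes to store as known-good.
    for path, findings in audit_host({}).items():
        print(path, sha256_of(path), findings)
```

A hash mismatch after a legitimate kernel or GRUB update is expected, so the baseline should be refreshed as part of the patching process.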

Source: ZDNet
