"New Bug in PC Booting Process Could Take Years to Fix, Researchers Say"
In June, the antivirus company ESET discovered an insidious strain of ransomware that prevents a computer from loading and locks its data. For the ransomware attack to work, a ubiquitous feature known as UEFI Secure Boot, which protects computers from getting malicious code slipped on their systems, would have to be disabled. Now researchers at a hardware security company Eclypsium have found a vulnerability that, if exploited, would allow the ransomware to work on computers that have the Secure Boot feature enabled. The vulnerability is located in a bundle of code known as a GRUB2 bootloader. The researchers estimate that billions of devices are affected by this vulnerability.
CyberScoop reports: "New Bug in PC Booting Process Could Take Years to Fix, Researchers Say"