"Acer Fixes UEFI Bugs That Can Be Used to Disable Secure Boot"
Acer has patched a critical vulnerability affecting several laptop models that could allow local attackers to disable Unified Extensible Firmware Interface (UEFI) Secure Boot on targeted systems. The Secure Boot security feature thwarts untrusted operating system (OS) bootloaders on computers equipped with Trusted Platform Module (TPM) chip and UEFI firmware in order to prevent malicious code, such as rootkits and bootkits, from loading during the startup process. The security flaw, tracked as CVE-2022-4020, was found in the HQSwSmiDxe DXE driver on some consumer-grade Acer Notebook devices, according to Martin Smolar, an ESET malware researcher. Attackers with elevated privileges can take advantage of it to disable Secure Boot by altering the BootOrderSecureBootDisable NVRAM variable. This allows for low-complexity attacks that do not require user input. Threat actors can hijack the OS loading process, load unsigned bootloaders to bypass or disable protections, and then deploy malicious payloads with system privileges after exploiting the vulnerability on affected Acer laptops and disabling Secure Boot. Acer laptop models Aspire A315-22, A115-21, A315-22G, Extensa EX215-21, and EX215-21G are all on the list of affected models. To fix this problem, Acer advises users to update their BIOS to the most recent version. According to the company, this update will be a critical Windows update. Customers can also manually install the BIOS update on impacted systems by downloading it from the company's support website. Similar flaws that could have allowed hackers to disable UEFI Secure Boot were patched earlier this month by Lenovo in several ThinkBook, IdeaPad, and Yoga laptop models. Threat actors can deploy malware that can survive OS reinstallations and get around security solutions' anti-malware defenses if they can run unsigned, malicious code before OS boot. This article continues to discuss the potential impact of the UEFI bugs fixed by Acer.
Bleeping Computer reports "Acer Fixes UEFI Bugs That Can Be Used to Disable Secure Boot"