"MSI's Leaked Firmware Keys Endanger Hundreds of Devices"

Researchers have discovered leaked firmware image signing keys and Intel Boot Guard keys for MSI products. According to Alex Matrosov, CEO of the firmware supply chain security platform Binarly, the leaked firmware keys impact 57 MSI products, while the leaked Boot Guard keys affect 166 MSI products. Firmware image signing keys are an integral component of the hardware's security infrastructure. The keys provide trust that the firmware is authentic and has not been modified by anyone other than the software developer or device manufacturer. Similarly, Intel Boot Guard is a processor safeguard that prevents the computer from executing firmware images that the system manufacturer has not published. Exposure of the keys poses a significant risk to users, as attackers with access to leaked keys can push malware-infected firmware images or updates as legitimate. Since firmware is typically launched before the operating system, malicious code may evade detection by antivirus software and other security measures. Attackers could also use the keys to modify the device's firmware, severely compromising its reliability. According to Binarly, the exposed devices include many models of MSI's Stealth, Creator, Crosshair, Prestige, Pulse, Modern, Raider, Sword, Summit, Vector, and Katana series laptops. This article continues to discuss the discovery and potential impact of the leaked firmware image signing keys.

Cybernews reports "MSI's Leaked Firmware Keys Endanger Hundreds of Devices"