"New Bug in PC Booting Process Could Take Years to Fix, Researchers Say"

In June, the antivirus company ESET discovered an insidious strain of ransomware that prevents a computer from loading and locks its data.  For the ransomware attack to work, a ubiquitous feature known as UEFI Secure Boot, which protects computers from getting malicious code slipped on their systems, would have to be disabled.  Now researchers at a hardware security company Eclypsium have found a vulnerability that, if exploited, would allow the ransomware to work on computers that have the Secure Boot feature enabled.  The vulnerability is located in a bundle of code known as a GRUB2 bootloader.  The researchers estimate that billions of devices are affected by this vulnerability.

CyberScoop reports: "New Bug in PC Booting Process Could Take Years to Fix, Researchers Say"