Security Researchers Bypassed Windows 8’s UEFI Secure Boot

Windows 8 or Windows 8.1 is not became as popular like Windows 7 or Windows xp before this its security is compromised by hacker or security researcher. Windows 8 uses UEFI (Unified Extensible Firmware Interface) secure boot system , and this UEFI secure boot system stops unauthorized boot loader (OS Loader) to take action in the BIOS. UEFI secure boot system only allow certified boot loader, such as Windows 8. Thats why malicious software or boot cd can failed to use the BIOS boot method to attack users.

But recently a security research team has announced that, Windows 8 UEFI secure boot mechanism can be bypassed or hacked on a typical brand of PC or Laptop, because those vendors in the implementation of UEFI specification when inadvertent omission.

Last week’s Black Hat conference, researchers Andrew Furtak, Oleksandr Bazhaniuk, Yuriy Bulygin infected computers demonstrates two ways to bypass Windows8 secure boot attacks.

UEFI Secure Boot is an agreement, McAfee researchers Bulygin said that the attack is not as secure boot itself, but because of the hardware manufacturers in the implementation of UEFI specification mistakes caused. The first attack can be achieved because some vendors do not properly protect their firmware, allowing an attacker can modify the startup code to enforce security.



Researchers at a desk Asus VivoBook Q200E notebook demonstrates kernel mode attack, Bulygin noted that some Asus Desktop Board has also been similarly affected.

The second attack can be carried out in user mode, which means that the attacker only needs to get the right code execution system, which is very simple, hackers use some conventional software vulnerabilities can do, such as Java, Adobe Flash, Microsoft Office and other.

For security reasons, the researchers did not open the second attack any technical details, but also did not disclose which vendors affected, because such attacks are using loopholes just discovered soon, manufacturers have had a chance to repair.

But the first problem kernel mode of attack was discovered a year ago, the affected platform vendors have enough time to fix.

This Microsoft responded that “Microsoft is working with partners to ensure safe start can provide consumers with a more secure experience.”

(Visited 84 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.