Acer has introduced a firmware update to tackle a security vulnerability that could be likely weaponized to flip off UEFI Secure Boot on afflicted equipment.
Tracked as CVE-2022-4020, the high-severity vulnerability has an effect on five unique designs that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
The Personal computer maker described the vulnerability as an issue that “may well let improvements to Safe Boot configurations by producing NVRAM variables.” Credited with getting the flaw is ESET researcher Martin Smolár, who earlier disclosed equivalent bugs in Lenovo computer systems.
Disabling Secure Boot, an integrity mechanism that guarantees that only dependable software is loaded in the course of procedure startup, permits a destructive actor to tamper with boot loaders, leading to extreme penalties.
This involves granting the attacker full control above the working system loading method as well as “disable or bypass protections to silently deploy their have payloads with the program privileges.”
For each the Slovak cybersecurity enterprise, the flaw resides in a DXE driver identified as HQSwSmiDxe.
The BIOS update is predicted to be launched as element of a critical Windows update. Alternatively, customers can obtain the fixes from Acer’s Assist portal.
Found this posting appealing? Follow THN on Facebook, Twitter and LinkedIn to go through extra unique material we post.
Some areas of this short article are sourced from:
thehackernews.com
US Census Bureau Head Fends Off Critics of ‘Differential Privacy’ Tool