Acer has introduced a firmware update to tackle a security vulnerability that could be likely weaponized to flip off UEFI Secure Boot on afflicted equipment.
Tracked as CVE-2022-4020, the high-severity vulnerability has an effect on five unique designs that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
The Personal computer maker described the vulnerability as an issue that “may well let improvements to Safe Boot configurations by producing NVRAM variables.” Credited with getting the flaw is ESET researcher Martin Smolár, who earlier disclosed equivalent bugs in Lenovo computer systems.
Disabling Secure Boot, an integrity mechanism that guarantees that only dependable software is loaded in the course of procedure startup, permits a destructive actor to tamper with boot loaders, leading to extreme penalties.
This involves granting the attacker full control above the working system loading method as well as “disable or bypass protections to silently deploy their have payloads with the program privileges.”
For each the Slovak cybersecurity enterprise, the flaw resides in a DXE driver identified as HQSwSmiDxe.
The BIOS update is predicted to be launched as element of a critical Windows update. Alternatively, customers can obtain the fixes from Acer’s Assist portal.
Found this posting appealing? Follow THN on Facebook, Twitter and LinkedIn to go through extra unique material we post.
Some areas of this short article are sourced from:
thehackernews.com