CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection

admin by admin
November 29, 2022
in Information Security


Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on affected machines.

Tracked as CVE-2022-4020, the high-severity vulnerability affects five different models that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

CyberSecurity

The PC maker described the vulnerability as an issue that “may allow changes to Secure Boot settings by creating NVRAM variables.” Credited with discovering the flaw is ESET researcher Martin Smolár, who previously disclosed similar bugs in Lenovo computers.

Disabling Secure Boot, an integrity mechanism that guarantees that only trusted software is loaded during system startup, enables a malicious actor to tamper with boot loaders, leading to severe consequences.

This includes granting the attacker complete control over the operating system loading process as well as “disable or bypass protections to silently deploy their own payloads with the system privileges.”

Per the Slovak cybersecurity company, the flaw resides in a DXE driver called HQSwSmiDxe.

The BIOS update is expected to be released as part of a critical Windows update. Alternatively, users can download the fixes from Acer’s Support portal.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Get the best out of Amazon Verified Permissions by using fine-grained authorization methods

Next Post

Initiativesofambidexterity

Related Posts

Information Security

Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation

by admin
June 9, 2023
Information Security

Temporary elevated access management with IAM Identity Center

by admin
June 9, 2023
Information Security

Don’t panic! These scammers don’t actually have photos of you

by admin
June 9, 2023
Information Security

Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids’ Data on Xbox

by admin
June 8, 2023
Information Security

AWS Security Profile – Cryptography Edition: Valerie Lambert, Senior Software Development Engineer

by admin
June 8, 2023
Next Post

Initiativesofambidexterity

Recommended

Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation

June 9, 2023

Temporary elevated access management with IAM Identity Center

June 9, 2023

Don’t panic! These scammers don’t actually have photos of you

June 9, 2023

Illustratenonlinearlogic

June 8, 2023

Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids’ Data on Xbox

June 8, 2023

AWS Security Profile – Cryptography Edition: Valerie Lambert, Senior Software Development Engineer

June 8, 2023

© CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.