Researchers have discovered a flaw in Windows and Linux-based operating systems. The flaw, nicknamed “BootHole,” can grant a hacker near-complete control over a victim’s PC. And unfortunately, we’re now waiting on Microsoft to patch the vulnerability.
How the BootHole Exploit Works
The exploit first came to light when researchers at Eclypsium discovered it. BootHole is not a strain of malware. Instead, it’s the name for the hole in the defenses that a virus can exploit.
At the time of writing, this problem only affects Linux boot systems and those that use Secure Boot. Unfortunately, Windows uses Secure Boot, which means it’s weak to this exploit.
Eclypsium researchers discovered #BootHoleVulnerability in the GRUB2 bootloader that can be used to gain arbitrary code execution on majority of Linux and Windows based systems, even when they are not using GRUB and Secure Boot is enabled. https://t.co/9jc26InmfA pic.twitter.com/0hgnufe1xA
— Eclypsium (@eclypsium) July 29, 2020
Once malware enters the system via the BootHole exploit, it can use arbitrary code to gain control over as much of the computer as it pleases.
The boot process is an important part of a computer because it defines how an operating system loads. If malware gets in between the cracks of the boot process, it can control how the operating system works and cause damage.
Can You Fix the BootHole Exploit?
Unfortunately, because this flaw is related to Windows’ boot sequence, it’s not something that you can fix yourself. Microsoft has to release a patch that fixes the BootHole flaw. However, this isn’t an easy task.
The boot sequence is an essential part of keeping the operating system stable. As such, if Microsoft rushes out a buggy patch for the flaw, it will cause system instability.
As a result of this, it may take Microsoft a while to release a patch that fixes BootHole. And we’re all reliant on Microsoft doing so.
How to Stay Safe From Exploits
While waiting for Microsoft to patch BootHole, you’ll need to be extra careful to avoid malware that would allow hackers to take advantage of the vulnerability.
If you’re worried about BootHole, be sure to read our article explaining how to stay safe online without the latest security patches.
Read the full article: Windows 10 Devices Are at Risk From the BootHole Vulnerability
from MakeUseOf https://ift.tt/3fogPPO
via IFTTT
0 comments: