Researchers identified two exploits that bypass Secure Boot, the protection designed to ensure only secure operating systems load at startup. Microsoft issued a patch for CVE-2025-3052, a notable vulnerability impacting over 50 manufacturers that allows attackers with physical access to disable Secure Boot and install malware. The threat extends to remote exploitation: an attacker who has already gained administrative control can use it for stealth attacks. The root of the vulnerability lies in firmware flashing tools by DT Research, and the exploit takes advantage of a cryptographic certificate pre-installed on many devices. Microsoft patched one exploit while leaving the other unpatched, which poses ongoing security challenges.
Microsoft's recent security update addresses a critical vulnerability in Secure Boot that exposes over 50 device manufacturers to potential malware attacks.
The CVE-2025-3052 vulnerability enables attackers to bypass Secure Boot and potentially compromise devices by running malware before the operating system loads.
This vulnerability represents a single point of failure in device security, as attackers with physical or remote access can exploit devices running affected firmware.
Despite patching one exploit, Microsoft allows another to persist, highlighting a complex landscape of threats to device integrity and secure booting processes.