BootHole vulnerability puts billions of Windows and Linux devices at risk

Researchers have identified a security vulnerability that affects almost all devices running on Windows or Linux operating systems, of which there are billions worldwide.

According to researchers from security firm Eclypsium, if exploited, the vulnerability could give the attacker full control over the target device, hence its assigned severity score of 8.2/10. The flaw has been named “BootHole” and is being tracked under CVE-2020-10713.

In a nutshell, the vulnerability allows the attacker to take control over the target device’s boot processes, which gives them access to the entire machine. A vast range of devices are said to be vulnerable, from Windows PCs and Linux-powered devices to servers, workstations and other specialist industrial equipment.

According to Eclypsium’s report, it could take some time before IT managers are able to patch their systems. The company has notified “a variety of industry entities”, including OS vendors, computer manufacturers and CERTs. However, mitigation will require new bootloaders to be signed and deployed, and vulnerable bootloaders to be revoked, so the process is expected to be slow.

Chris Hass, Director of Information Security and Research at Automox, described the flaw as “massive”, speaking to SCMagazine. He said “a mountain of Linux devices [are] affected,” as well as Microsoft’s most common default configuration “since Windows 8 enables Secure Boot, adding to the already staggering number of devices affected by this vulnerability.”

“It is imperative that organizations update their operating systems, installer images, and disaster recovery media as soon as possible,” he added.
