Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:Firmware? (Score 5, Informative) 51

No, tt's not firmware, but it's "close". The bug allows for the installation of a bootkit when one would otherwise be prevented by Secure Boot and related firmware-based protection mechanisms. On Linux systems with Secure Boot enabled, they need to use shim.efi to allow them to boot. shim.efi is signed by Microsoft and is capable of loading a next-stage boot loader, signed or otherwise, dependent on configuration.

This bug impacts shim.efi's HTTP handling when dealing with network booting situations, which impacts a vanishingly small percentage of home/personal users, but may have some impacts in corporate environments. But it requies a MITM presence on the network or some other way of controlling the HTTP traffic going to the target machine.

Slashdot Top Deals

HOST SYSTEM NOT RESPONDING, PROBABLY DOWN. DO YOU WANT TO WAIT? (Y/N)

Working...