Home | Community | Message Board

MushroomCube.com
This site includes paid links. Please support our sponsors.


Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Shop: Unfolding Nature Unfolding Nature: Being in the Implicate Order   PhytoExtractum Buy Bali Kratom Powder   Bridgetown Botanicals Bridgetown Botanicals   Kraken Kratom Kratom Capsules for Sale

Jump to first unread post Pages: 1
Invisibletdubz
Male User Gallery


Registered: 02/26/12
Posts: 5,586
Microsoft Secure Boot key debacle causes security panic
    #23533372 - 08/11/16 11:59 PM (7 years, 5 months ago)

http://www.zdnet.com/article/microsoft-secure-boot-key-debacle-causes-security-panic/
Quote:


Microsoft has accidentally leaked the keys to the kingdom, permitting attackers to unlock devices protected by Secure Boot -- and it may not be possible to fully resolve the leak.
The design flaw in the Windows operating system can be used to unlock Windows devices, including smartphones and tablets, which are otherwise protected by Secure Boot in order to run operating systems other than Windows on locked down systems.

This, in turn, allows someone with admin rights or an attacker with physical access to a machine not only to bypass Secure Boot and run any operating system they wish, such as Linux or Android, but also permits the installation and execution of bootkit and rootkits at the deepest level of the device, security researchers MY123 and Slipstream revealed in a blog post on Tuesday.

Microsoft's Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware which is meant to ensure each component of the system boot process is signed and validated.

When Secure Boot is fully enabled, it also prevents users from booting up other operating systems which take their fancy. In addition, there are specific systems and devices -- such as Windows RT and Windows Phone -- where Secure Boot cannot otherwise be disabled by the user.
Secure Boot works in tandem with particular policies which are read and obeyed by Windows boot manager. For testing and tweaking purposes, Microsoft has one particular boot policy which loads early on and disables operating system checks.

While useful for developers in operating system tests, this policy also allows a user to boot whatever they wish, including self-signed binaries. The "golden key" debug and unlocking policy problem has emerged due to design flaws in the policy loading system.
The policy has been leaked online and can be used by users with admin rights to bypass Secure Boot on locked devices, as long as devices have not received the July patch update.

"You can see the irony. Also the irony in that MS themselves provided us several nice "golden keys" (as the FBI would say :wink: for us to use for that purpose," the researchers write.
"About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of back dooring cryptosystems with a "secure golden key" is very bad!," the team added. "Microsoft implemented a "secure golden key" system. And the golden keys got released from MS['s] own stupidity."

The researchers reportedly informed Microsoft of their findings between March and April this year. The Redmond giant originally declined to fix the issue, at which point the duo started an analysis and compiling proof-of-concept (PoC) evidence.
Between June and July, Microsoft reversed its decision and awarded a bug bounty, pushing a fix -- MS16-094 -- last month. However, this fix was deemed "inadequate," although it has mitigated the problem, resulting in a second patch, MS16-100, being issued in August.

While the second patch attempts to solve the vulnerability, The Register reports that the fix does not impact the policy flaw, and simply removes access to select bootmgr systems. As a result, a third update is expected to address this issue in September.

"Either way, it'd be impossible in practice for MS to revoke every bootmgr earlier than a certain point, as they'd break install media, recovery partitions, backups, etc," the duo commented.
ZDNet has reached out to Microsoft and will update if we hear back.




Extras: Filter Print Post Top
Jump to top Pages: 1

Shop: Unfolding Nature Unfolding Nature: Being in the Implicate Order   PhytoExtractum Buy Bali Kratom Powder   Bridgetown Botanicals Bridgetown Botanicals   Kraken Kratom Kratom Capsules for Sale


Similar ThreadsPosterViewsRepliesLast post
* Yet Another Windows Security Flaw - More Serious Than Usual DiploidM 816 2 01/04/06 04:44 PM
by drtyfrnk
* Department of Homeland Security Warns Of Windows Security Flaws DiploidM 824 2 08/15/06 06:50 PM
by Catalysis
* Microsoft's Really Hidden Files. Lana 7,924 18 07/11/02 02:14 PM
by Lana
* New Serious Security Hole in Vista DiploidM 1,503 9 04/03/07 01:26 PM
by Boom
* Microsoft - your opinions please?
( 1 2 3 all )
Asante 4,162 56 01/03/09 03:22 PM
by magicbastard
* Microsoft Issues Patch for 'Critical' Windows Secu Mojo_Risin 1,150 4 11/21/02 06:44 PM
by Mojo_Risin
* Microsoft and Virus = Software Fungi_x 529 0 01/06/05 07:20 AM
by Fungi_x
* Microsoft Patches Seven Critical Security Holes DiploidM 1,032 3 11/15/06 07:32 AM
by nobhdy

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: trendal, automan, Northerner
152 topic views. 0 members, 0 guests and 2 web crawlers are browsing this forum.
[ Show Images Only | Sort by Score | Print Topic ]
Search this thread:

Copyright 1997-2024 Mind Media. Some rights reserved.

Generated in 0.023 seconds spending 0.007 seconds on 13 queries.