Microsoft finally patches serious UEFI Secure Boot flaw after seven-month delay


Bottom line: Microsoft has addressed a significant security vulnerability that left Windows 11 open to malware attacks at one of the system’s most critical levels for more than half a year. It’s concerning – though perhaps not surprising – that Microsoft knowingly left this loophole unpatched for such a long period. Users are strongly advised to apply the update immediately.

The vulnerability (CVE-2024-7344) allowed bad actors to sneak malicious code onto devices in a way that could bypass many of Windows 11’s built-in security defenses. It exploited a flaw in how certain third-party firmware utilities handled the UEFI Secure Boot process, giving attackers elevated system privileges and allowing their malicious payloads to hide in plain sight. Those types of firmware-based attacks are among the most difficult to detect.

The issue stems from how some legitimate system utilities use Microsoft-approved digital certificates. The company has a strict manual review process for third-party firmware apps that must run during the Secure Boot phase. However, a researcher at security firm ESET discovered that at least seven different vendors had been using a signed firmware component called “reloader.efi” in an insecure manner.

By employing a custom executable loader, these utilities could inadvertently bypass Microsoft’s security checks and run any firmware code, including unsigned binaries that Secure Boot protections should have blocked. That opened the door for sophisticated attackers to piggyback malware onto legitimate utilities.

The vendors who unknowingly exposed this risk with their system utilities include Howyar Technologies, Greenware, Radix, Sanfong, WASAY, CES, and SignalComputer. They have all issued updates to address the issue. Microsoft has also revoked the digital certificates for the affected firmware versions, which should prevent hackers from exploiting the security hole.

Still, the bigger story is how the vulnerability persisted for over seven months after ESET initially notified Redmond of the problem in July 2024. There’s no evidence that hackers actively leveraged this vulnerability in real-world attacks. However, the fact that such a glaring hole existed for such an extended period is disconcerting.

Microsoft has pushed out an update to resolve CVE-2024-7344, so Windows 11 users should ensure they have all the latest patches installed – specifically from the January 14th Patch Tuesday release.
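To confirm that a revocation has actually reached a machine, a defender can parse the Secure Boot forbidden-signature database (dbx) and look for the image hash listed in the vendor advisory. The following is an added example, not code from the article or from Microsoft: it walks the `EFI_SIGNATURE_LIST` structures defined in the UEFI specification and collects the SHA-256 entries. It assumes the raw dbx bytes have already been obtained (on Linux, the `dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f` file under `/sys/firmware/efi/efivars/`, minus its 4-byte attribute prefix); the digests in the demo are constructed placeholders, not real revoked hashes.

```python
import hashlib
import struct
import uuid

# EFI_CERT_SHA256_GUID from the UEFI specification.
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")

def dbx_sha256_entries(blob):
    """Return the hex SHA-256 digests in a raw dbx blob (EFI_SIGNATURE_LISTs)."""
    digests, offset = set(), 0
    while offset < len(blob):
        if len(blob) - offset < 28:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[offset:offset + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, offset + 16)
        if list_size < 28 + hdr_size or offset + list_size > len(blob) or sig_size < 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST")
        if sig_type == EFI_CERT_SHA256 and sig_size == 16 + 32:
            # Each entry is a 16-byte SignatureOwner GUID followed by the digest.
            first, end = offset + 28 + hdr_size, offset + list_size
            for pos in range(first, end - sig_size + 1, sig_size):
                digests.add(blob[pos + 16:pos + sig_size].hex())
        offset += list_size  # other list types (e.g. X.509) are skipped
    return digests

def is_revoked(blob, image_hash_hex):
    """image_hash_hex is the Authenticode SHA-256 of the EFI image, not a plain file hash."""
    return image_hash_hex.lower() in dbx_sha256_entries(blob)

def build_sample_dbx(digests):
    """Constructed test input: one SHA-256 signature list with a zero owner GUID."""
    entries = b"".join(bytes(16) + d for d in digests)
    return EFI_CERT_SHA256.bytes_le + struct.pack("<III", 28 + len(entries), 0, 48) + entries

if __name__ == "__main__":
    # Constructed placeholder digests standing in for values from an advisory.
    revoked = hashlib.sha256(b"constructed-revoked-image").digest()
    sample = build_sample_dbx([revoked])
    print("revoked entry present:", is_revoked(sample, revoked.hex()))
    print("unrelated hash present:", is_revoked(sample, "00" * 32))
```

Because dbx entries are Authenticode image hashes, hashing a file on the EFI System Partition with a plain SHA-256 tool will not produce a value that matches; use the hash published in the advisory.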
