www.infosecurity-magazine.com 7/15/2026, 2:18:05 PM · external

Microsoft pulls decade old UEFI shims after Secure Boot bypass

Microsoft pulls decade old UEFI shims after Secure Boot bypass
CyberSIXT Evidence Panel
Primary Source welivesecurity.com

RESEARCHERS from ESET have discovered that 11 vulnerable UEFI shim bootloaders, which have been signed by Microsoft and date back over a decade, can permit attackers to bypass the UEFI Secure Boot feature on many systems. The vulnerabilities allow untrusted code to execute during system boot, enabling threats such as bootkits even with Secure Boot enabled.

Notably, older shims ignore recent security measures designed to enhance protection, and historic shims have not been adequately tracked, raising concerns about how many vulnerable versions exist. Microsoft has since revoked the affected binaries, and users are urged to update their systems.

View Primary Source Via www.infosecurity-magazine.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline