RESEARCHERS from ESET have discovered that 11 vulnerable UEFI shim bootloaders, which have been signed by Microsoft and date back over a decade, can permit attackers to bypass the UEFI Secure Boot feature on many systems. The vulnerabilities allow untrusted code to execute during system boot, enabling threats such as bootkits even with Secure Boot enabled.
Notably, older shims ignore recent security measures designed to enhance protection, and historic shims have not been adequately tracked, raising concerns about how many vulnerable versions exist. Microsoft has since revoked the affected binaries, and users are urged to update their systems.