← All stories
● Covered by 2 sources Β· 2 reportsMedium impact

Old Microsoft-Signed UEFI Shims Jeopardize Secure Boot, Affecting Windows and Linux

Aggregated by BrevFeed security Β· updated 15h ago
πŸ”– Save

Researchers discovered that 11 outdated Microsoft-signed UEFI shims can bypass Secure Boot, posing risks for Windows and Linux systems. These shims have been trusted despite vulnerabilities, allowing potential execution of untrusted code.

Key points

Discovery of Vulnerable UEFI Shims

Security researchers identified 11 outdated Microsoft-signed UEFI shims. These shims can exploit vulnerabilities in Secure Boot, potentially allowing attackers to execute untrusted code during system boot.

The issue affects systems using a specific Microsoft UEFI certificate, expired and replaced as of 2026. These vulnerabilities apply to machines using both Windows and Linux systems.

Impact on Security and Risk

For over a decade, Secure Boot has been compromised, with these obsolete shims still being trusted despite known vulnerabilities. This oversight allowed novice hackers to bypass protections meant to secure device firmware.

The affected shims are involved in the boot process and could be used to introduce bootkits or other malware, undermining device security.

Background on Secure Boot and UEFI Shims

Secure Boot is an industry standard established to protect devices from unauthorized software during boot. UEFI shims are lightweight intermediaries facilitating boot processes for Linux distributions under Secure Boot.

Despite the critical role shims play, Microsoft's oversight meant these vulnerable versions remained trusted, posing a threat to users not only of Linux but Windows as well.

Microsoft's Role and Responsibility

The software giant is responsible for signing these shims. Its failure to revoke the compromised shims raises questions about their certificate management and the risks posed to system integrity.

Microsoft's slowness to address these vulnerabilities highlights the need for updated best practices in certifying and deprecating insecure firmware components.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Primary sources

GitHub rhboot/shim CVE CVE-2026-88637.8 HIGH CVE CVE-2026-10797 GitHub sei-vsarvepalli/uefi-dbx-audit CVE CVE-2015-52812.6 LOW CVE CVE-2015-53816.1 MEDIUM

How outlets covered it

ESET researchers discovered that Microsoft's Secure Boot can be bypassed using outdated shims, posing significant security risks for both Windows and Linux users. The flaw exists due to the continued trust in old firmware images, which remain unrevoked despite known vulnerabilities.

Researchers found 11 outdated Microsoft-signed UEFI applications that can be exploited to bypass Secure Boot on affected systems. This vulnerability can enable the execution of untrusted code and facilitate the deployment of UEFI bootkits.