No one knows how many old shims can still bypass UEFI Secure Boot

Jul 14, 2026 - 13:30
No one knows how many old shims can still bypass UEFI Secure Boot

The vast majority of UEFI computers carry a Microsoft certificate that will trust a small first-stage loader called a shim, a program Microsoft signs so that Linux and assorted boot tools can run with Secure Boot on. Eleven of those signed shims turned out to be old enough to undo the protection they were meant to support. ESET researchers found the vulnerable versions, all at 0.9 or below, and Microsoft revoked them in its June … More

The post No one knows how many old shims can still bypass UEFI Secure Boot appeared first on Help Net Security.