Researchers Hack and Bypass Windows 8 UEFI Secure Boot

When the hackers roll to Vegas, you know a good number of exploits are going to surface. Defcon was on point this week in the Nevada desert, and here's yet another exploit that has piqued our interest. Researchers have discovered that the Windows 8 Secure Boot mechanism can be circumvented on PCs built by certain manufacturers. Why? Oversights in how those particular vendors implemented the Unified Extensible Firmware Interface (UEFI) specification.


Andrew Furtak, Oleksandr Bazhaniuk and Yuriy Bulygin were on hand to showcase their findings. Thankfully, due to the nature of the event, none of the specifics are shown; instead, companies are alerted so that fixes can be put in place before ill-willed hackers discover the same hacks. Here's a bit more on what went down:

"Secure Boot is a feature of the UEFI specification that only allows software components with trusted digital signatures to be loaded during the boot sequence. It was designed specifically to prevent malware like bootkits from compromising the boot process. According to the researchers, the exploits demonstrated at Black Hat are possible not because of vulnerabilities in Secure Boot itself, but because of UEFI implementation errors made by platform vendors. The first exploit works because certain vendors do not properly protect their firmware, allowing an attacker to modify the code responsible for enforcing Secure Boot, said Bulygin, who works at McAfee. The exploit is designed to modify the platform key -- the root key at the core of all Secure Boot signature checks -- but in order to work it needs to be executed in kernel mode, the most privileged part of the operating system."

An Asus VivoBook Q200E laptop was hacked on stage, but select Asus desktop motherboards are also impacted. Asus will obviously be releasing patches soon, as would any other company that has been found to be affected.