Microsoft’s Secure Boot Has Been Broken for a Decade and No One Noticed Until Now

Researchers at security firm ESET discovered that Microsoft’s Secure Boot, designed to prevent malicious firmware infections, has been bypassable for 13 years due to old, vulnerable “shim” binaries that were never revoked despite known defects. This flaw affects both Windows and Linux devices by allowing attackers to load malicious firmware at boot time, persisting even after OS reinstallation; Microsoft only revoked the faulty shims after ESET’s report in June 2026. The incident highlights inherent complexity and trust issues in the Secure Boot model, which depends heavily on Microsoft’s oversight and has struggled to handle revocations and scaling effectively.

https://arstechnica.com/security/2026/07/microsoft-secure-boot-has-been-broken-for-most-of-its-existence/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top