• Researchers have discovered a vulnerability in the secure boot process of over 200 PC models from different manufacturers, including HP, Lenovo, and Acer. The vulnerability allows attackers to bypass the secure boot process and execute arbitrary code on the affected devices, potentially leading to system compromise.
• The vulnerability, dubbed "BootHole," is caused by a flaw in the GRUB2 bootloader, which is used by many operating systems, including Windows and various Linux distributions. The flaw allows attackers to bypass the secure boot process and gain control of the system during the early stages of the boot process.
• The researchers have reported the vulnerability to the affected vendors, and some have already released updates to address the issue. However, the researchers estimate that it could take years for all affected devices to be patched, as the update process can be challenging for older systems. Users are advised to check with their device manufacturers for available updates and to keep their systems up-to-date to mitigate the risk of exploitation.