Enlarge (credit: Aurich Lawson / Ars Technica )

Earlier this week, Microsoft released a patch to fix a Secure Boot bypass bug used by the BlackLotus bootkit we reported on in March. The original vulnerability, CVE-2022-21894 , was patched in January, but the new patch for CVE-2023-24932 addresses another actively exploited workaround for systems running Windows 10 and 11 and Windows Server versions going back to Windows Server 2008.

The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Secure Boot has been enabled by default for over a decade on most Windows PCs sold by companies like Dell, Lenovo, HP, Acer, and others. PCs running Windows 11 must have it enabled to meet the software's system requirements.

Microsoft says that the vulnerability can be exploited by an attacker with either physical access to a system or administrator rights on a system. It can affect physical PCs and virtual machines with Secure Boot enabled.

Read 7 remaining paragraphs | Comments

Enlarge (credit: Getty Images )

Secure Boot is an industry standard for ensuring that Windows devices don’t load malicious firmware or software during the startup process. If you have it turned on—as you should in most cases, and it's the default setting mandated by Microsoft—good for you. If you’re using one of more than 300 motherboard models made by manufacturer MSI in the past 18 months, however, you may not be protected.

Introduced in 2011, Secure Boot establishes a chain of trust between the hardware and software or firmware that boots up a device. Prior to Secure Boot, devices used software known as the BIOS, which was installed on a small chip, to instruct them how to boot up and recognize and start hard drives, CPUs, memory, and other hardware. Once finished, this mechanism loaded the bootloader, which activates tasks and processes for loading Windows.

The problem was: The BIOS would load any bootloader that was located in the proper directory. That permissiveness allowed hackers who had brief access to a device to install rogue bootloaders that, in turn, would run malicious firmware or Windows images.

Read 10 remaining paragraphs | Comments

Enlarge (credit: Getty Images)

More than two dozen Lenovo notebook models are vulnerable to malicious hacks that disable the UEFI secure boot process and then run unsigned UEFI apps or load bootloaders that permanently backdoor a device, researchers warned on Wednesday.

At the same time that researchers from security firm ESET disclosed the vulnerabilities , the notebook maker released security updates for 25 models, including ThinkPads, Yoga Slims, and IdeaPads. Vulnerabilities that undermine the UEFI secure boot can be serious because they make it possible for attackers to install malicious firmware that survives multiple operating system reinstallations.

Not common, even rare

Short for Unified Extensible Firmware Interface, UEFI is the software that bridges a computer’s device firmware with its operating system. As the first piece of code to run when virtually any modern machine is turned on, it’s the first link in the security chain. Because the UEFI resides in a flash chip on the motherboard, infections are difficult to detect and remove. Typical measures such as wiping the hard drive and reinstalling the OS have no meaningful impact because the UEFI infection will simply reinfect the computer afterward.

Read 6 remaining paragraphs | Comments

Have you ever read a tutorial on dual-booting your PC and found that you need to disable secure boot in order to achieve your goals? Yes, Secure Boot is a modern security feature built into Windows 10 (and Windows 8).

So, what is Secure Boot?

As the name says, Secure Boot is meant to safeguard to boot process when you start your computer; it’s found on newer PCs that come loaded with UEFI firmware. Secure Boot’s job is to prevent unsigned UEFI drivers and bootloaders from loading during the startup process.

This reduces the chances of unauthorized access to your device in case someone wants to steal data in your absence. However, the secure boot feature has faced some backlash as well, as it prevents people from doing some useful stuff on their machine. For example, running two operating systems at the same time.

But if you don’t want the feature, you can easily disable secure boot on your device.

How to disable secure boot in Windows 10, 8, 7?

The steps to turn off the secure boot feature are almost similar for both Windows 10 and Windows 8 systems.

1. Search Advanced startup in the search option at the taskbar of the Windows. Then, select Change advanced Startup Options as shown below in the snapshot.
   
2. Once you click on the “change advanced startup options”, the following screen will appear. You just have to click Restart now under the Advanced startup.
   
3. The above command will restart your PC in the advanced mode which comes with lots of advanced options to let you configure your Windows. Some of the advanced options are using an external device, troubleshooting your Windows using advanced options, or resetting your PC etc. The screen appears something like this. Click on Troubleshoot.
   
4. You can see above that Troubleshoot option had two options– Reset your PC and Advanced options. So, once you click on Troubleshoot, you will the same two options coming up. Click on Advanced options as shown below.
   
5. The advanced options look something like this (as shown below). Select UEFI Firmware Settings.
   
6. Once you click on the UEFI firmware settings, it will restart your system once again or ask you to restart the system. So, click on the restart on the next screen. However, this restart will start in BIOS and you will see different BIOS setup.
   
7. Click on the Security tab under the BIOS settings.
8. Use the Up and Down arrow to choose the secure boot option as shown in the previous image.
9. Select the option using Arrows and change the secure boot from Enabled to Disabled.
10. Press Enter.
11. Save your work and exit.

Since the secure boot is now disabled, you can easily boot your devices with any external or unauthorized device.

Now, if you want to know to enable secure boot, then you can follow the same steps as above and change the secure boot setting to enabled.

What happens after I disable secure boot?

Your PC won’t check whether you’re running digital signed operating system after your turn of this security feature. However, you won’t feel any difference while using Windows 10 on your device.

Here are some conditions that would be allowed on your PC after disabling Windows secure boot option:

• Booting Windows on your PC from an external device like USB or CD.
• Dual OS booting like Windows with Linux, Ubuntu or Fedora.
• Booting Windows using Windows password recovery tools
• Running the previous versions of Windows etc.

Do I need to disable secure boot to install Windows 10?

No, you don’t need to disable secure boot to install Windows 10. In fact the security feature is already meant to ensure that the your copy of Windows you’re running is trusted by your OEM and safe to use. Keeping the feature enabled will only help in that.

Why can’t I disable secure boot on my PC?

One thing to note is that your PC may not have an option to disable it as it’s up to PC maker whether it wants to add the functionality or not. So, if you can’t find it on your device then you should contact your manufacturer for support.

So, this is what we know about secure boot and how to use it. If you have anything to add, drop your thoughts in the comments below.

The post How To Enable/Disable Secure Boot In Windows 10, 8.1, 8, 7? appeared first on Fossbytes .