Video
ESET researchers have discovered a vulnerability in a UEFI application that could allow attackers to deploy malicious bootkits on unpatched systems
16 Jan 2025
ESET researchers have uncovered a vulnerability that could enable attackers to bypass UEFI Secure Boot and install malicious UEFI bootkits on vulnerable systems. Known as CVE-2024-7344, this security flaw affects a wide range of UEFI-based systems and allows the execution of untrusted code during system startup, even with UEFI Secure Boot enabled and regardless of the operating system in use. The vulnerable UEFI application is found in seven system recovery programs.
For more details on this vulnerability and tips on securing your systems, watch the video featuring ESET Chief Security Evangelist Tony Anscombe. Be sure to also check out the full blog post for a comprehensive overview of the discovery.
Connect with us on Facebook, X, LinkedIn, and Instagram.
