AI News AI资讯 1d ago Updated 1d ago 更新于 1天前 49

Microsoft’s Secure Boot has been broken for a decade and no one noticed until now 微软的Secure Boot已被破坏十年,直到现在才被发现

Researchers at ESET discovered that 11 Microsoft-signed UEFI shims, some dating back to 2013, remained unrevoked despite known vulnerabilities, allowing trivial bypass of Secure Boot. These legacy shims enable attackers to install persistent malicious firmware that survives OS reinstalls and hardware changes, affecting both Windows and Linux systems. The bypass requires no novel exploits or complex primitives, only a basic understanding of UEFI mechanics and access to the unrevoked shim binaries ESET发现微软维护的11个UEFI Shim签名密钥存在长达13年的漏洞未撤销,导致UEFI Secure Boot机制被轻易绕过。 攻击者无需利用新漏洞,仅需持有这些过期的Shim二进制文件即可在Windows和Linux设备上安装持久化的恶意固件(Bootkits)。 该安全失效源于微软在SBAT和dbx等复杂撤销机制管理上的疏漏,直到2024年6月才在ESET披露后正式撤销相关签名。 此事件揭示了底层固件信任链管理的脆弱性,表明即使有行业标准保护,执行层面的复杂性仍可能导致严重的安全盲区。

75
Hot 热度
70
Quality 质量
65
Impact 影响力

Analysis 深度分析

TL;DR

  • Researchers at ESET discovered that 11 Microsoft-signed UEFI shims, some dating back to 2013, remained unrevoked despite known vulnerabilities, allowing trivial bypass of Secure Boot.
  • These legacy shims enable attackers to install persistent malicious firmware that survives OS reinstalls and hardware changes, affecting both Windows and Linux systems.
  • The bypass requires no novel exploits or complex primitives, only a basic understanding of UEFI mechanics and access to the unrevoked shim binaries.
  • Microsoft finally revoked these shims in June after being alerted by ESET and CERT, ending a 13-year period where this critical security gap existed.
  • The incident highlights significant flaws in the complexity of Secure Boot revocation mechanisms, particularly regarding SBAT and version-based enforcement.

Why It Matters

This finding exposes a fundamental weakness in the UEFI Secure Boot ecosystem, demonstrating that a core security feature relied upon to prevent bootkits can be rendered ineffective by administrative oversights rather than cryptographic failures. For AI practitioners and security researchers, it underscores the critical importance of supply chain integrity and the need for rigorous, automated auditing of trust anchors, as manual processes have proven insufficient over long periods. Furthermore, it serves as a cautionary tale for the industry regarding the persistence of legacy code and the necessity of proactive vulnerability management in foundational infrastructure.

Technical Details

  • Vulnerability Mechanism: Attackers utilize 11 specific Microsoft-signed shim binaries that were never revoked. These shims act as secondary trust anchors, allowing subsequent bootloaders and utilities to load without direct Microsoft signature verification, provided they are authorized by the shim's embedded certificate.
  • Bypass Simplicity: The attack does not require exploiting new zero-day vulnerabilities. Instead, it leverages the existing trust relationship established by the unrevoked shims to subvert the chain of digitally signed firmware, effectively neutralizing Secure Boot protections.
  • Revocation Complexity: The failure to revoke stems from the complexity of UEFI revocation mechanisms. While the dbx database has limited space (32KB), Microsoft uses SBAT (Secure Boot Advanced Targeting) and Secure Boot SVN (Security Version Number) for version-based revocation. The oversight suggests a breakdown in tracking or applying these version-based policies for specific legacy shims.
  • Persistence: Malicious firmware installed via this method loads early in the boot process and persists even if the operating system is reinstalled or the hard drive is replaced, making detection and remediation difficult.
  • Affected Components: The compromised shims were used by various Linux distributors (Red Hat, OpenSUSE, Oracle) and third-party utilities (PC-Doctor Finland), indicating a broad impact across different software ecosystems.

Industry Insight

  • Supply Chain Auditing: Organizations must implement continuous, automated auditing of all trust anchors and signed components within their firmware and boot processes. Relying on periodic checks or vendor notifications is insufficient given the longevity of potential oversights.
  • Simplification of Security Models: The complexity of UEFI Secure Boot, particularly the interplay between db, dbx, SBAT, and SVN, creates opportunities for human error. There is a strong argument for simplifying these mechanisms or enhancing tooling to ensure revocation policies are applied consistently and verifiably.
  • Proactive Threat Modeling: Security teams should assume that legacy components may remain vulnerable due to administrative lapses. Mitigation strategies should include monitoring for unauthorized shim usage and ensuring that firmware updates include robust, tested revocation mechanisms for all previously trusted binaries.

TL;DR

  • ESET发现微软维护的11个UEFI Shim签名密钥存在长达13年的漏洞未撤销,导致UEFI Secure Boot机制被轻易绕过。
  • 攻击者无需利用新漏洞,仅需持有这些过期的Shim二进制文件即可在Windows和Linux设备上安装持久化的恶意固件(Bootkits)。
  • 该安全失效源于微软在SBAT和dbx等复杂撤销机制管理上的疏漏,直到2024年6月才在ESET披露后正式撤销相关签名。
  • 此事件揭示了底层固件信任链管理的脆弱性,表明即使有行业标准保护,执行层面的复杂性仍可能导致严重的安全盲区。

为什么值得看

这篇文章揭示了UEFI Secure Boot这一核心安全机制在实际执行中的重大缺陷,提醒所有依赖固件启动安全的IT从业者和企业必须重新审视其底层信任锚点的有效性。对于安全研究人员而言,它提供了一个关于“信任传递”机制如何因管理疏忽而崩溃的经典案例,强调了简化安全策略和定期审计的重要性。

技术解析

  • Shim机制与信任链:Shim是微软为扩展Secure Boot到Linux设备而设计的次要信任锚点。它们由微软签名,但内部嵌入了主板或软件制造商的证书,从而授权后续加载的所有软件。这种设计使得一旦Shim被滥用,整个启动链的信任基础就会崩塌。
  • 撤销机制的复杂性:由于dbx数据库空间有限(仅32KB),微软无法列出所有被禁用的二进制哈希,因此转而使用SBAT(Secure Boot Advanced Targeting)和SVN(安全版本编号)进行基于版本的撤销。然而,这11个Shim在发现漏洞后未被正确更新或撤销,导致旧版恶意代码仍可被信任。
  • 攻击路径简单化:ESET研究员指出,攻击者不需要复杂的利用原语,只需获取一个仍未被撤销的旧Shim副本并理解其工作原理,即可完全绕过UEFI Secure Boot。这使得即使是新手黑客也能实施高级固件攻击。
  • 持久化威胁:通过被滥用的Shim安装的恶意固件会在系统启动早期加载,并在重装操作系统或更换硬盘后依然保留,形成持久的后门。这与LoJax、BlackLotus等已知Bootkits的威胁模型一致。

行业启示

  • 简化安全架构:过度复杂的信任管理和撤销机制(如多层嵌套的证书和版本控制)容易导致人为失误和执行漏洞。行业应倾向于更直观、更易验证的安全策略,以减少管理疏漏的风险。
  • 主动审计与生命周期管理:企业和开发者必须建立严格的固件组件生命周期管理机制,不仅关注新功能开发,更要定期对现有签名密钥和Shim进行安全审计,确保在漏洞披露时能迅速、彻底地撤销信任。
  • 固件安全需作为核心防御层:Secure Boot并非一劳永逸的解决方案。随着硬件供应链攻击的增加,组织应将固件完整性监控纳入日常安全运营,并意识到任何信任链中的薄弱环节都可能成为攻击者的突破口。

Disclaimer: The above content is generated by AI and is for reference only. 免责声明:以上内容由 AI 生成,仅供参考。

Security 安全 Research 科学研究