Researchers at Eclypsium presented three new vulnerabilities in SecureBoot certified bootloaders affecting multiple processors up and down the supply chain, including ARM and x86 processors
“Because SecureBoot’s guarantee is just that the code is good, not that it's bug-free code. We're going to continue to have issues like this popping up basically forever, is my explanation,” said Jesse Michael, who presented the research with Mickey Shkatov at the Black Hat conference in Las Vegas on Friday.
The bootloader ecosystem encompasses a wide assortment of vendors, with Microsoft acting as a certificate authority. While Microsoft does provide some checks for the bootloader, though it is not an in-depth review for vulnerabilities.
The three bootloaders are registered to Eurosoft (UK) Ltd, New Horizon Datasys Inc and CryptoPro Secure Disk for Bitlocker, and represent two different classes of problem. Eurosoft and CryptoPro both offer signed shells (esdiags.efi and Shell_Full.efi) that could be used to dodge SecureBoot’s boundaries through scripting, including writing or mapping memory. The New Horizon Datasys vulnerability completely bipasses SecureBoot and can run arbitrary code.
The New Horizon vulnerability is a little more stealthy. In systems with monitors, shell code would open a window a user might see. The bypass does not open a window.
All the vulnerabilities require administrator access. But that might not be particularly difficult to evade.
“Every current malware ransomware campaign sends a program via email,” noted Shaktov.