One less thing to worry about Windows 11 being attacked by malicious parties as Microsoft officially fixed the vulnerability after its discovery for 7 months.
Identified as CVE-2024-7344, it allowed malicious code to be executed without the OS’s security defenses knowing any of it due to a flaw exploited within the UEFI’s Secure Boot process that is managed by 3rd-party firmware utilities. It is discovered by a security researcher from ESET upon the uncovering of “reloader.efi” which is a signed firmware component yet used insecurely by at least 7 vendors of Howyar Technologies, Greenware, Radix, Sanfong, WASAY, CES, and SignalComputer.
The intention of the vulnerability was not malicious though as it is a way to employ a custom executable loader but with the ability to bypass Windows 11’s security checks, bad actors could utilize legitimate utilities to run unsigned binaries.
Therefore, Microsoft mitigated the threat by working with affected vendors which issued their own patches while MS themselves revoked the digital certificates associated with the vulnerable firmware versions, effectively blocking further exploitation.
However, the bigger problem of needing 7 months to address such a flaw created more raves in the industry than the CVE itself as it highlighted the systemic challenges in addressing security flaws.
For any users who want to deploy the update for guaranteed protection against the problem no matter what branded PCs or laptops they are using, the patch is issued through the January 14 Patch Tuesday update.
