ESET researchers found a vulnerability in some Acer laptops. The flaw allows attackers to disable UEFI Secure Boot and create NVRAM (non-volatile random-access memory) variables directly from the operating system.
According to the report, Secure Boot is a verification mechanism that prevents malware (rootkits and bootkits) from loading when the system boots. Without this protection, attackers can change settings to gain privileges on the machine.
According to ESET researcher Martin Smolar, the vulnerability, tracked as CVE-2022-4020, is in the DXE driver HQSwSmiDxe, which checks for the existence of the NVRAM variable “BootOrderSecureBootDisable”.
If this variable is present on the system, the driver disables Secure Boot. This leaves the machine unprotected against intruders and malware.
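An added example (not from ESET, Acer or the original article): a Python check for Linux that looks in efivarfs for a variable named BootOrderSecureBootDisable under any vendor GUID and reports the current SecureBoot state. The efivarfs path, the helper names and the all-zero GUID used for the constructed sample files are assumptions of this example.

```python
import os

VAR_NAME = "BootOrderSecureBootDisable"  # variable name given in the article
# EFI global variable GUID from the UEFI specification (owner of "SecureBoot")
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS = "/sys/firmware/efi/efivars"  # assumed mount point of efivarfs


def read_efivar(path):
    """efivarfs files hold 4 bytes of little-endian attributes, then the payload."""
    try:
        with open(path, "rb") as f:
            raw = f.read()
    except OSError:
        return None, None
    return int.from_bytes(raw[:4], "little"), raw[4:]


def audit(efivars_dir=EFIVARS):
    """Return whether the trigger variable exists and whether Secure Boot is on."""
    result = {"uefi": os.path.isdir(efivars_dir), "trigger_vars": [], "secure_boot": None}
    if not result["uefi"]:
        return result  # legacy boot or efivarfs not mounted
    for entry in sorted(os.listdir(efivars_dir)):
        # Entries are "<Name>-<GUID>"; strip the hyphen plus the 36-char GUID.
        if len(entry) > 37 and entry[:-37] == VAR_NAME:
            result["trigger_vars"].append(entry)
    _, data = read_efivar(os.path.join(efivars_dir, "SecureBoot-" + EFI_GLOBAL_GUID))
    if data:
        result["secure_boot"] = data[0] == 1  # 1 = enabled, 0 = disabled
    return result


def make_sample(directory, trigger, secure_boot):
    """Write constructed efivarfs-style files for offline testing (not real data)."""
    placeholder_guid = "00000000-0000-0000-0000-000000000000"  # constructed
    with open(os.path.join(directory, "SecureBoot-" + EFI_GLOBAL_GUID), "wb") as f:
        f.write((0x06).to_bytes(4, "little") + bytes([1 if secure_boot else 0]))
    if trigger:
        with open(os.path.join(directory, VAR_NAME + "-" + placeholder_guid), "wb") as f:
            f.write((0x07).to_bytes(4, "little") + b"\x01")


if __name__ == "__main__":
    report = audit()
    print(report)
    if report["trigger_vars"]:
        print("Trigger variable present: investigate and apply the BIOS update.")
```

A non-empty `trigger_vars` list on one of the affected models, especially together with `secure_boot` reported as `False`, is worth investigating.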
According to the list published by Acer, these are the five laptop models affected by the vulnerability:
- Aspire A315-22;
- Aspire A115-21;
- Aspire A315-22G;
- Extensa EX215-21;
- Extensa EX215-21G.
Workarounds
In its notice, Acer said it is working on a BIOS update to fix the problem. The update will be posted on the manufacturer’s support page; no exact date has been set.
The company recommends that users of affected devices update the BIOS to the latest version. The future patch will also be included as a critical Windows update.
Source: Tec Mundo
