Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros | allinfosecnews.com

Feb. 7, 2024, 1:33 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances.
Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&

address bill bill demirkapi boot bootloader bug bypass code code execution critical cve cvss cvss score demirkapi exploited flaws linux linux distros maintainers remote code remote code execution score secure boot security security flaws shim six under version vulnerability

More from thehackernews.com / The Hacker News

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution 1 day, 20 hours ago | thehackernews.com

argument cgi code code execution +19

Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns 1 day, 21 hours ago | thehackernews.com

ai-powered artificial artificial intelligence coming +17

Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts 2 days, 12 hours ago | thehackernews.com

attacks basic breaches businesses +23

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities 2 days, 12 hours ago | thehackernews.com

advanced android apple apple ios +24

Cyber Landscape is Evolving - So Should Your SCA 2 days, 17 hours ago | thehackernews.com

analysis application application security arsenal +21

The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash 2 days, 17 hours ago | thehackernews.com

advertising android android app app +27

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims 2 days, 20 hours ago | thehackernews.com

back bureau cost data +11

SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign 2 days, 21 hours ago | thehackernews.com

actor agency attacks called +19

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances 2 days, 23 hours ago | thehackernews.com

actor amp attack attackers +26

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States

View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States

View on infosec-jobs.com