all InfoSec news
Shim Shady (CVE-2023-40527): A Bootloader Vulnerability Story
Malware Analysis, News and Indicators - Latest topics malware.news
Unveiling CVE-2023-40547 – Safeguarding Systems from Critical Shim Vulnerability
A vulnerability tracked as CVE-2023-40547 impacts shim, a critical piece of software used by most Linux distributions to support UEFI Secure Boot.
Discovered and reported by Bill Demirkapi at Microsoft’s Security Response Center, this particular vulnerability stems from HTTP protocol handling, leading to an out-of-bounds write and potentially complete system compromise.
The post Shim Shady (CVE-2023-40527): A Bootloader Vulnerability Story appeared first on Eclypsium | Supply Chain Security …
bill bill demirkapi boot bootloader center critical cve cve-2023-40547 demirkapi distributions handling http linux linux distributions microsoft piece protocol response secure boot security shim software story support systems uefi vulnerability