Researchers have discovered a new set of vulnerabilities affecting some Acer and business laptop.
The discovered bt ESET vulnerability allowed bad actors to deactivate UEFI Secure Boot by generating NVRAM, a type of Non-Volatile Random Access Memory, variables directly from the operating system.
UEFI Secure Boot is a feature that acts as a verification mechanism, ensuring that malware like rootkits and botkits cannot start on your system, allowing them to disable or bypass security measures. protect or deploy their own payload with system privileges.
How does this vulnerability work?
The vulnerability, named #CVE-2022-4020, was found in the DXE HQSwSmiDxe driver under a Twitter posts (opens in a new tab) by ESET malware researcher Martin Smolar. It checks the NVRAM variable “BootOrderSecureBootDisable” and if it exists in your system, the driver disables Secure Boot.
Based on an Acer blog post (opens in a new tab)Affected models include the Acer Aspire A315-22, A115-21, A315-22G, Extensa EX215-21, and EX215-21G.
Acer says they are working on a BIOS update to resolve this issue which will be posted on support site (opens in a new tab). But in the meantime, the hardware company recommends updating your BIOS to the latest version to resolve this issue, and says that this update will be included as an important Windows update.
This is not the first time UEFI Secure Boot vulnerabilities have been disclosed by ESET in recent months.
The cybersecurity company also discovered UEFI firmware-related firmware vulnerabilities affecting Lenovo laptops in January 2022. disclosure in a Twitter post of his own.