A researcher named Dawid Potocki discovered a security flaw affecting MSI motherboards. After several unsuccessful attempts to reach the Taiwanese company, he made it his mission to inform the public of this exploit, which probably affected thousands of PCs around the world.
Mr. Potocki uncovered “a UEFI Secure Boot default setting that allows any operating system image to run even if its software signature is wrong or missing.”
Secure Boot (or secure launch) is a UEFI feature that only allows the OS to start if it is digitally signed, and therefore recognized. According to Mr. Potocki, a bad setting currently endangers the security of nearly 300 MSI motherboards. Fortunately, the researcher says that laptops, such as the MSI Alpha 15 Advantage Edition, are not affected.
Some MSI motherboards are incorrectly configured and expose a dangerous flaw
This flaw affects motherboards for both AMD and Intel, whether the processors are recent or old. Some firmware settings are faulty, and since MSI seems to ignore calls from the security researcher, it’s up to you as the user to change your motherboard setting, if applicable. Fortunately, Mr. Potocki gives us the procedure to follow, and it is rather simple. The list of affected models is available on his GitHub.
On his blog, he states: “MSI motherboards with certain firmware versions allow binary files to boot by default even if they violate the security policy. They therefore do not provide any additional security.” To deny startup in case of policy violation, navigate to where the Secure Boot settings are located in your UEFI. Change “Secure Boot Mode” to “Custom”, then open “Image Execution Policy”. Change “Always Execute” to “Deny Execute” for “Removable Media” and for “Fixed Media”.
Source: Dawid Potocki