Tues. October 4, 2022, at 10am PT/1pm ET
Introduced in 2012, Secure Boot has become a foundational rock in modern computing and is used by millions of UEFI-enabled computers worldwide due to its integration in their BIOS.
What is Secure Boot?
Secure Boot is a simple and effective way to prevent unsigned code from running during boot. Using tightly controlled code signing certificates, OEMs like Microsoft, Lenovo, Dell, and others use it to secure the boot process.
However, this model trusts developers are developing code without vulnerabilities or backdoors.
Come join SVP of Strategy, John Loucaides and Security Evangelist, Paul Asadoorian to learn about the vulnerabilities discovered by Eclypsium researchers Mickey Shkatov and Jesse Michael.
In this presentation, we will discuss:
- past and current flaws in valid bootloaders, including some that misuse built-in features to bypass Secure Boot inadvertently
- how malicious executables can hide from TPM measurements used by BitLocker and remote attestation mechanisms.
- how these new exploits work and discuss ways to remediate these vulnerabilities and preserve the integrity of the Secure Boot process.
