Microsoft finally patches serious UEFI Secure Boot flaw after seven-month delay


Bottom line: Microsoft has addressed a significant security vulnerability that left Windows 11 open to malware attacks at one of the system’s most critical levels for more than half a year. It’s concerning – though perhaps not surprising – that Microsoft knowingly left this loophole unpatched for such a long period. Users are strongly advised to apply the update immediately.

The vulnerability (CVE-2024-7344) allowed bad actors to sneak malicious code onto devices in a way that could bypass many of Windows 11’s built-in security defenses. It exploited a flaw in how certain third-party firmware utilities handled the UEFI Secure Boot process, giving attackers elevated system privileges and allowing their malicious payloads to hide in plain sight. These types of firmware-based attacks are among the most difficult to detect.

The issue stems from how some legitimate system utilities use Microsoft-approved digital certificates. The company has a strict manual review process for third-party firmware apps that must run during the Secure Boot phase. However, a researcher at security firm ESET discovered that at least seven different vendors had been using a signed firmware component called “reloader.efi” in an insecure manner.

By employing a custom executable loader, these utilities could inadvertently bypass Microsoft’s security checks and run any firmware code, including unsigned binaries that Secure Boot protections should have blocked. That opened the door for sophisticated attackers to piggyback malware onto legitimate utilities.

The vendors who unknowingly exposed this risk with their system utilities include Howyar Technologies, Greenware, Radix, Sanfong, WASAY, CES, and SignalComputer. They have all issued updates to address the issue. Microsoft has also revoked the digital certificates for the affected firmware versions, which should prevent hackers from exploiting the security hole.

Still, the bigger story is how the vulnerability persisted for over seven months after ESET initially notified Redmond of the problem in July 2024. There’s no evidence that hackers actively leveraged this vulnerability in real-world attacks. However, the fact that such a glaring hole existed for such an extended period is disconcerting.

Microsoft has pushed out an update to resolve CVE-2024-7344, so Windows 11 users should ensure they have all the latest patches installed – specifically from the January 14th Patch Tuesday release.
