July 29th, 2024

Secure Boot useless on PCs from major vendors after key leak

A study by Binarly found that hundreds of PCs from major manufacturers are vulnerable due to a leaked 12-year-old test platform key, allowing attackers to bypass Secure Boot protections.


A recent study by Binarly has revealed that hundreds of PCs from major manufacturers, including Dell, Acer, and HP, are vulnerable due to the use of a leaked 12-year-old test platform key (PK) in their UEFI Secure Boot implementations. This key, which was leaked in 2022, allows attackers to bypass Secure Boot protections by manipulating key databases. The researchers noted that over ten percent of the firmware images analyzed are susceptible to exploitation using this untrusted PK, which was issued by American Megatrends International. The presence of "DO NOT TRUST" labels on the key indicates that it was not intended for production use.

If exploited, this vulnerability could allow untrusted code to run during the boot process, compromising the entire security chain from firmware to the operating system. Binarly has released a free tool to help users check their systems for this vulnerability, termed "PKfail."

In related security news, TracFone has been fined $16 million by the FCC for failing to secure customer data, leading to breaches that compromised personal information. Additionally, a report from Cisco Talos highlighted that 80% of ransomware incidents in Q2 occurred in organizations lacking multifactor authentication, emphasizing the need for improved security measures.
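To make the PKfail check concrete, here is an added example (not from the original article and not Binarly's tool) that parses the UEFI `PK` variable on Linux and flags any enrolled certificate carrying the "DO NOT TRUST" label. It assumes the standard efivarfs path and does a byte search for the label rather than full X.509 parsing; the function names and sample bytes are constructed for illustration.

```python
import struct
import uuid

# Linux efivarfs path of the PK variable (EFI global variable GUID).
PK_PATH = "/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072").bytes_le
MARKER = "DO NOT TRUST"  # label the article says appears on the test key

def iter_x509_entries(data):
    """Yield (owner GUID, certificate bytes) from concatenated EFI_SIGNATURE_LISTs."""
    off = 0
    while off + 28 <= len(data):
        sig_type = data[off:off + 16]
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        end = off + list_size
        # Refuse malformed or truncated lists rather than reading past the buffer.
        if list_size < 28 + hdr_size or sig_size <= 16 or end > len(data):
            raise ValueError(f"malformed EFI_SIGNATURE_LIST at offset {off}")
        pos = off + 28 + hdr_size
        while pos + sig_size <= end:
            if sig_type == EFI_CERT_X509_GUID:
                yield uuid.UUID(bytes_le=data[pos:pos + 16]), data[pos + 16:pos + sig_size]
            pos += sig_size
        off = end

def find_test_keys(data):
    """Return owner GUIDs of certificates whose bytes contain the marker."""
    needles = (MARKER.encode("ascii"), MARKER.encode("utf-16-be"))
    return [owner for owner, der in iter_x509_entries(data)
            if any(n in der for n in needles)]

def check_platform_key(path=PK_PATH):
    """Read PK from efivarfs: 4 attribute bytes, then the signature list."""
    with open(path, "rb") as f:
        return find_test_keys(f.read()[4:])

def make_list(cert, owner=uuid.UUID(int=0)):
    """Build a one-entry X.509 signature list; used only for constructed samples."""
    sig = owner.bytes_le + cert
    return EFI_CERT_X509_GUID + struct.pack("<III", 28 + len(sig), 0, len(sig)) + sig

if __name__ == "__main__":
    # Constructed sample bytes, not a real certificate.
    sample = make_list(b"CN=DO NOT TRUST - constructed sample")
    print("sample flagged:", find_test_keys(sample))
    try:
        print("this machine:", check_platform_key() or "no marker in PK")
    except OSError as exc:
        print("could not read PK:", exc)
```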

4 comments
By @gnabgib - 6 months
Discussion (157 points, 3 days ago, 118 comments) https://news.ycombinator.com/item?id=41071708
By @ChrisArchitect - 6 months
[dupe]

Some more discussion days ago: https://news.ycombinator.com/item?id=41071708