ylai@lemmy.ml to cybersecurity@infosec.pubEnglish · 8 months agoMicrosoft waited 6 months to patch actively exploited admin-to-kernel vulnerabilitywww.theregister.comexternal-linkmessage-square7fedilinkarrow-up167arrow-down15cross-posted to: [email protected]
arrow-up162arrow-down1external-linkMicrosoft waited 6 months to patch actively exploited admin-to-kernel vulnerabilitywww.theregister.comylai@lemmy.ml to cybersecurity@infosec.pubEnglish · 8 months agomessage-square7fedilinkcross-posted to: [email protected]
minus-squareJustinAlinkfedilinkEnglisharrow-up1·8 months agoYeah, it actually looks like Ubuntu leaves the module signing key accessible to root on the filesystem: https://wiki.ubuntu.com/UEFI/SecureBoot#Security_implications_in_Machine-Owner_Key_management So root access basically gives you kernel access, if you just sign a malicious kernel module with the MOK.
Yeah, it actually looks like Ubuntu leaves the module signing key accessible to root on the filesystem:
https://wiki.ubuntu.com/UEFI/SecureBoot#Security_implications_in_Machine-Owner_Key_management
So root access basically gives you kernel access, if you just sign a malicious kernel module with the MOK.