Got an older PC? Update that BIOS
Ars Technica reports that researchers at the security firm Binarly found that Secure Boot is completely compromised on more than 200 older device models sold by Acer, Dell, Gigabyte, HP, Intel, Lenovo, Supermicro and others. The cause: a cryptographic key underpinning Secure Boot on those models was compromised in 2022.
They found that more than 10% of firmware images had this vulnerability. The cure: update your BIOS to a version that no longer uses the compromised key.
We discovered the private component of one Platform Key in a data leak where a suspected ODM employee published the source code containing the PK on a public GitHub repository. The private key was stored in an encrypted file, which was “protected” by a weak 4-character-long password and thus easily guessable with any password-cracking tool.
– Binarly report