{"id":15406,"date":"2025-10-02T15:25:27","date_gmt":"2025-10-02T22:25:27","guid":{"rendered":"https:\/\/mattfife.com\/?p=15406"},"modified":"2025-09-29T16:19:20","modified_gmt":"2025-09-29T23:19:20","slug":"got-an-older-pc-update-that-bios","status":"publish","type":"post","link":"https:\/\/mattfife.com\/?p=15406","title":{"rendered":"Got an older PC? Update that BIOS"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/arstechnica.com\/security\/2024\/07\/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers\/\" target=\"_blank\" rel=\"noreferrer noopener\">Ars Technica reports that<\/a>, researchers at security firm Binarly found that <a href=\"https:\/\/www.binarly.io\/blog\/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem\" data-type=\"link\" data-id=\"https:\/\/www.binarly.io\/blog\/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem\">Secure Boot is completely compromised<\/a> on more than 200 older device models sold by Acer, Dell, Gigabyte, HP, Intel, Lenovo, Supermicro and others. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">They found that more than 10% of firmware images had this vulnerability. The cure &#8211; update your bios to ones without compromised keys. <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">We discovered the private component of one Platform Key in a data leak where a suspected ODM employee published the source code containing the PK on a public GitHub repository. The private key was stored in an encrypted file, which was \u201cprotected\u201d by a weak 4-character-long password and thus easily guessable with any password-cracking tool.<\/p>\n<cite>-Binarly report<\/cite><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Ars Technica reports that, researchers at security firm Binarly found that Secure Boot is completely compromised on more than 200 older device models sold by Acer, Dell, Gigabyte, HP, Intel, Lenovo, Supermicro and others. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. They found that more than 10% of firmware images had this vulnerability. The cure &#8211; update your bios to ones without compromised keys. We discovered the private component of one&#8230;<\/p>\n<p class=\"read-more\"><a class=\"btn btn-default\" href=\"https:\/\/mattfife.com\/?p=15406\"> Read More<span class=\"screen-reader-text\">  Read More<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[9,5],"tags":[],"class_list":["post-15406","post","type-post","status-publish","format-standard","hentry","category-cool","category-technical"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4WECr-40u","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/15406","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15406"}],"version-history":[{"count":4,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/15406\/revisions"}],"predecessor-version":[{"id":15410,"href":"https:\/\/mattfife.com\/index.php?rest_route=\/wp\/v2\/posts\/15406\/revisions\/15410"}],"wp:attachment":[{"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mattfife.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}