The vulnerability, uncovered bt ESET allowed bad actors to deactivate UEFI Secure Boot by creating NVRAM, a type of non-volatile Random Access Memory, variables directly from the operating system.
UEFI Secure Boot is a feature that acts as a verification mechanism, which ensures that malignant software like rootkits and botkits can't boot on your systems, allowing them to disable or bypass protections or to deploy their own payloads with the system privileges.
How does this vulnerability work?
The vulnerability, dubbed #CVE-2022-4020, is to be found in the DXE driver HQSwSmiDxe according to a Twitter post by ESET malware researcher Martin Smolar. It checks for the “BootOrderSecureBootDisable” NVRAM variable, and if the variable exists within your system, the driver then disables Secure Boot.
According to a blog post by Acer, impacted models include the Acer Aspire A315-22, A115-21, A315-22G, Extensa EX215-21, and EX215-21G.
Acer said it is working on a BIOS update to resolve this issue that will be posted on its support site. But in the meantime, the hardware firm recommends updating your BIOS to the latest version to resolve this issue and said that this update will be included as a critical Windows update.
This isn't the first time that UEFI Secure Boot vulnerabilities have been revealed by ESET in recent months.
- Check out our guide to the best firewalls right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.