New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) - Help Net Security

ESET researchers discovered a vulnerability (CVE-2024-7344) in UEFI-based systems, allowing attackers to bypass UEFI Secure Boot and execute untrusted code. The vulnerability impacts several real-time system recovery software suites developed by various vendors. Mitigation involves applying the latest UEFI revocations from Microsoft, which should be automatic for Windows systems and available through the Linux Vendor Firmware Service for Linux systems.