• Norah - She/They
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    The vulnerability actually isn’t in Windows Boot Manager, it’s a flaw in the image-parsing code of the UEFI itself. That’s why it’s able to bypass SecureBoot.

    It just happens that for whatever reason you can easily update the image file from within Windows/Linux itself. The fact they don’t show a logo currently does not mean you’re immune, as the system might just be showing a black screen at that point. Code can be injected into an image file without perceptibly affecting the image output, so you’d likely be able to use a “black screen” logo. If your computer has a UEFI instead of a BIOS, which is pretty much everything from the last 10yrs, then you are more than likely at risk.

    My computer likely isn’t susceptible, and that’s because it’s a Dell workstation. While the bug still exists in the image parser, Dell has locked things down so it’s pretty much impossible to change the boot logo from userspace.

    • Flaky@iusearchlinux.fyi
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      FWIW, some firmware allow changing it during the update procedure. I remember having to update my ThinkPad’s firmware and it had that option.

      • Norah - She/They
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        That’s valid, I looked into it with Dell and later articles have mentioned they aren’t susceptible.

    • yum13241@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Yes, IK WBM is not the problem here. My systems don’t show a logo at all, and they don’t have a “hide logo” options.