Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124


The standard for all Microsoft companies designed to protect Windows, and later Linux, devices from firmware infections have been small for 13 years out of 14 years of existence. The discovery was made by researchers at security firm ESET after they identified 11 firmware images, at least one from 2013, that were known to be faulty but remained signed by the software company.
These images are known as shimswhich are designed to add Boot Security to Linux devices and support programs. Using a simple method to be done by novice hackers, old, forgotten shims can be used to bypass the security, which is installed in the UEFI (Unified Extensible Firmware Interface) of the device’s motherboard. The gaffes are the result of Microsoft, which oversees the signing of shims, failing to return publicly available images when vulnerabilities were found in them.
This vulnerability extends to Windows and Linux users alike, as the shim can be installed on devices running both operating systems. From there, an attacker can tamper with the chain of custody of the digitally signed firmware to install malicious firmware that loads at first boot and persists when the OS is restored or the hard drive is replaced.