Someone at MSI screwed up and left hundreds of the company’s motherboards vulnerable to malware.
As BleepingComputer reports(Opens in a new window), the vulnerability was discovered by Polish security researcher Dawid Potocki(Opens in a new window) when he decided to setup Secure Boot on his new desktop PC. Secure Boot is used to ensure UEFI drivers and operating system boot loaders are signed by a trusted digital signature before they are allowed to execute.
What Potocki found was that MSI had changed the Secure Boot default settings in its firmware so that an option called “Image Execution Policy” was set to “Always Execute.” It means that even if security violations are detected and the operating system is untrusted, the motherboard will still allow it to run.
End users will have no idea their system is vulnerable unless they decide to check the Secure Boot settings themselves. Worse still, is the fact Potocki has found more than 290 MSI motherboards are at risk, with the full list available to view on GitHub(Opens in a new window).
If you have an affected MSI motherboard, the best course of action is to update it to the latest firmware version(Opens in a new window) and then manually check the Image Execution Policy is set to “Deny Execute” for both “Removable Media” and “Fixed Media.”
Recommended by Our Editors
You’d think MSI would be eager to hear about this problem and ensure all its motherboards changed the Image Execution Policy setting as quickly as possible. However, that’s not the case. As Potocki explains, “If you are curious, yes, I have tried contacting MSI about this issue, but they ignored my emails and other forms of communication I have tried.”
Get Our Best Stories!
Sign up for What’s New Now to get our top stories delivered to your inbox every morning.
The post Hundreds of MSI Motherboards Have a Serious Security Flaw first appeared on www.pcmag.com