Microsoft Security Advisory Highlights 'BootHole' Vulnerability in Systems with Secure Boot
Microsoft on Wednesday issued Security Advisory ADV200011 concerning a security bypass vulnerability for the Secure Boot protection scheme in machines using the Grand Unified Boot Loader (GRUB).
GRUB, currently at version 2, is used in Linux operating system distributions. However, the vulnerability (CVE-2020-10713) is present in all Unified Extensible Firmware Interface (UEFI) client and server machines "where Secure Boot trusts the [Microsoft] third-party UEFI CA [certificate authority]," the advisory noted.
This GRUB2 vulnerability also got echoed in a July 30 U.S Cybersecurity and Infrastructure Security Agency notice.
A successful attack using the vulnerability permits attackers to "run arbitrary boot code on the target device," which enables them to load "executables and drivers" on the device. It essentially would let attackers bypass Secure Boot, a protection scheme in UEFI-based machines, early on championed by Microsoft, that was designed to prevent malware from loading at the boot-process level. Such malware is typically called a "rootkit."
Microsoft and the computer industry have since shifted away from Secure Boot as the ultimate boot-level protection scheme against rootkits. They now advocate for "Secured-core" PCs as a better alternative.
The discoverers of the vulnerability, Portland, Ore.-based device security firm Eclypsium, aptly dubbed this vulnerability "BootHole."
Eclypsium researchers are planning to talk about BootHole in a coming online presentation, starting on Aug. 5, with sign-up accessible at this page.
In a must-read description of both Secure Boot and the BootHole flaw, Eclypsium indicated in a blog post that most devices, Linux-based or otherwise, are subject to these exploits:
The vulnerability affects systems using Secure Boot, even if they are not using GRUB2. Almost all signed versions of GRUB2 are vulnerable, meaning virtually every Linux distribution is affected. In addition, GRUB2 supports other operating systems, kernels and hypervisors such as Xen. The problem also extends to any Windows device that uses Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority. Thus the majority of laptops, desktops, servers and workstations are affected, as well as network appliances and other special purpose equipment used in industrial, healthcare, financial and other industries.
No Patch, No Workaround
There's no patch for the vulnerability, which apparently will cause Linux distro makers to hunker down and create new boot loader shims to address the issue. These shims are used in systems using Secure Boot to work with Microsoft's UEFI certificate authority scheme, Eclypsium explained.
Microsoft will release updates to block the shims that load the "vulnerable versions of GRUB2." However, at this point, these updates only will be available for manual application by certain interested parties, since they could bear the risks of "bricking systems," Eclypsium added.
Getting new bootloaders without the vulnerabilities is going to take some time, Eclypsium noted:
Mitigation will require new bootloaders to be signed and deployed, and vulnerable bootloaders should be revoked to prevent adversaries from using older, vulnerable versions in an attack. This will likely be a long process and take considerable time for organizations to complete patching.
Microsoft's security advisory just described two "mitigations" that are currently available. However, carrying them out entails risks.
Severity and Actions To Take
Microsoft's advisory just rated this vulnerability as being "Important" in severity, possibly because an attacker would need to have administrative privileges on a machine, or physical access, to carry out an attack. However, Eclypsium described it as having "a CVSS [Common Vulnerability Scoring System] rating of 8.2 (High)."
Given those circumstances, Eclypsium advised organizations to monitor the contents of bootloader partitions. Updates to operating systems should be installed as usual to reduce possible privilege escalation flaws.
Eventually, organizations will need to install a so-called "revocation update," when available. These updates should be tested first before a general rollout across an organization. Lastly, Eclypsium advised checking with third-party vendors on their progress addressing the BootHole vulnerability and whether they have any remediation plans.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.