Critical Secure Boot Flaw Exposes PCs To Bootkit Malware Attacks, Patch ASAP
hothardware.com
A newly disclosed Secure Boot vulnerability is putting a large number of PCs at risk of bootkit attacks, with security researchers urging immediate patching. The flaw, tracked as CVE-2025-3052, was uncovered by Binarly Research and involves a signed UEFI module that allows attackers to bypass or disable Secure Boot and execute unsigned code during system startup, before the OS even loads. This, in turn, could allow them to install 'bootkit' exploits that load from the EFI partition and are undetectable using tools running inside the operating system.
At the center of the problem is a UEFI module for BIOS flashing that was apparently first intended for rugged devices from DT Research. That module is signed with Microsoft’s widely trusted third-party UEFI CA 2011 certificate. Because that certificate is broadly accepted across most modern systems—it’s the same one used to sign Linux’s shim bootloader—any vulnerable module ...
Copyright of this story solely belongs to hothardware.com.