New Information Regarding the SecureBoot Issue

03/03/2021

There is new information about SecureBoot and BootHole.

We previously addressed this matter in our newsletter SecureBoot Issues on January 22nd, 2021.
It has now been official announced that other security vulnerabilities had emerged in the wake of the discovery of the BootHole. As of today, these vulnerabilities have been fixed. We are very pleased that our team here at Miray played an important part in finding and fixing these issues and therefore we were able to contribute to the security improvements. Based on the latest developments, we have compiled additional information for you.

You may find more information on the technical specifics of the security vulnerabilities on these sites:

GNU/GRUB:
https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html

Debian:
https://www.debian.org/security/2021-GRUB-UEFI-SecureBoot/

SUSE:
https://www.suse.com/support/kb/doc/?id=000019892/

Ubuntu:
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass2021

RedHat:
https://access.redhat.com/security/vulnerabilities/RHSB-2021-003









The cleanup of the security vulnerabilities requires that all bootloaders on this basis, that are intended to support SecureBoot, must be reissued. This requires all vendors, including Miray, to undergo a certification and signature process. Once this process has been successfully completed, we will provide updated versions (updates) of our products, namely for url=https://www.miray-software.com/HDClone]HDClone[/url] and HDShredder.

These versions will then resolve restrictions that have been imposed by the above-mentioned security vulnerabilities – it will once again be possible to boot on SecureBoot systems without any constraints or time limitations.

During the course of fixing the security vulnerabilities, the requirements for SecureBoot-enabled software have been tightened, which also necessitates changes in the underlying operating system of our products. Therefore, we can only provide the above-mentioned updates with full SecureBoot capability in the newest product versions.

We will provide you with more detailed information as soon as these new versions are available.

20/68

News archive