Latest news with #SecureBoot
The Verge
2 days ago
- The Verge
Call of Duty's PC anti-cheat will require Secure Boot on Windows
To better protect against cheaters, Activision says that Call of Duty: Black Ops 7 players on PC will need to use hardware with Trusted Platform Module (TPM) 2.0 and have Windows' Secure Boot feature turned on when the game is available later this year. Ahead of that, Activision is doing a 'phased rollout' of the features alongside the launch of Call of Duty: Black Ops 6's fifth season on Thursday. At least for this season, it won't be 'enforcing against or requiring the use of either setting.' While anti-cheat systems and other security measures can go a long way toward blocking cheaters in games, the tools have come under scrutiny for potentially slowing down gamers' systems or for requiring users to turn on features they don't want to use. As Activision even admits in today's blog post, sometimes, they still aren't enough to fully block cheaters. Activision argues that 'these hardware-level protections are a key part of our anti-cheat efforts, and we're asking all players to get compliant now,' Activision says. 'This upcoming update will let us test our implementation of both features and gives you time to enable these settings.' Regarding performance, 'TPM 2.0 and Secure Boot will not impact in-game quality,' Activision says. 'These features perform checks during system and game startup but remain inactive while you play.' Activision is also encouraging users to turn on two-factor authentication. While two-factor authentication isn't required to play the game right now, it 'may become a requirement for all users in the future.' Posts from this author will be added to your daily email digest and your homepage feed. See All by Jay Peters Posts from this topic will be added to your daily email digest and your homepage feed. See All Entertainment Posts from this topic will be added to your daily email digest and your homepage feed. See All Gaming Posts from this topic will be added to your daily email digest and your homepage feed. See All News Posts from this topic will be added to your daily email digest and your homepage feed. See All PC Gaming
Mint
29-07-2025
- Mint
Microsoft Windows 11 update shows up on ‘incompatible' PCs: Should you click upgrade or beware?
A wave of confusion has hit PC users as Microsoft starts offering Windows 11 upgrades to computers that do not meet its official minimum requirements. The company, which once drew a clear line about which devices could install the latest OS, now appears to be rolling out the update to a wider range of older hardware. This has created questions about intent and reliability. Many users on Reddit and tech forums have shared experiences of receiving the Windows 11 upgrade prompt even though their computers lack Microsoft's approved components for the new operating system. Typical reasons for incompatibility include missing features like TPM 2.0, Secure Boot, or a modern processor. Previously, these machines would have been blocked or warned away from installing the new OS. Now, for reasons not explained by Microsoft, the upgrade is being offered as if the computers are fully compatible. This development has left many guessing about Microsoft's reasoning. As of now, the company has not released any statement clarifying whether this is a new, deliberate policy or some kind of technical mishap. There is speculation over whether Microsoft is easing compatibility rules or simply dealing with an error in deployment. With no formal word from the company, users are uncertain if the upgrade offer will last or if it could vanish just as quickly as it appeared. The sudden availability of Windows 11 on unsupported hardware has split opinion. Some users see it as a welcome opportunity for flexibility, especially since not everyone is ready or able to replace devices that still work. However, there are important risks to consider. Microsoft's own support notes warn that installing Windows 11 on unsupported PCs may lead to problems such as failed installations, unreliable performance, or missing drivers. More significantly, these devices may not receive security updates or customer support from Microsoft in the future. Those who see the upgrade prompt are advised to be cautious. It is best to back up important files and double-check the hardware requirements before accepting the upgrade. If an unsupported machine is upgraded, there is a greater risk of experiencing issues that cannot be easily fixed, and Microsoft may deny help if problems occur. When Windows 11 first launched, Microsoft's strict hardware requirements drew frustration from users whose computers were left behind. Workarounds for advanced users did exist, but these were not officially recommended or supported. At present, it is unclear whether the appearance of Windows 11 upgrades on unsupported machines marks a permanent change or a temporary mistake. Anyone faced with the update prompt should move carefully and must keep in mind that support and security might be less reliable than on a fully compatible system.
Fox News
11-07-2025
- Fox News
Windows 11 flaw lets hackers bypass Secure Boot protections
Microsoft hasn't received much love for Windows 11, with many users still reluctant to ditch Windows 10 even four years after the newer OS launched. The main reasons include Microsoft's constant push to use its own services, strict hardware requirements and questionable interface changes. But if you're looking for yet another reason to dislike Windows 11, security researchers recently uncovered a critical vulnerability affecting Secure Boot. This feature is supposed to prevent malware from loading during startup. Now, hackers can bypass that protection and silently infect systems. The flaw allows attackers to disable Secure Boot on nearly any modern Windows PC or server, leaving even fully updated devices open to stealthy, undetectable malware. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my The vulnerability, tracked as CVE-2025-3052, was discovered by firmware security firm Binarly. They found that a legitimate BIOS update tool signed by Microsoft could be abused to tamper with the Windows boot process. Once exploited, the flaw allows attackers to shut off Secure Boot entirely. In the wrong hands, this vulnerability could lead to a new generation of malware. These threats could bypass even the most advanced antivirus or detection software. At the center of the issue is a BIOS-flashing utility built for rugged tablets. Microsoft signed it using its UEFI CA 2011 certificate. Because that certificate is trusted on nearly every Secure Boot-enabled system, the tool can run without raising alarms. The danger lies in how the tool handles a specific NVRAM variable. Binarly's researchers found that it reads this variable blindly, without checking what's inside. That small oversight opens the door to a serious exploit. In a demonstration, Binarly used a proof-of-concept attack to change this variable's value. By setting it to zero, they were able to overwrite a global setting critical to enforcing Secure Boot. That action completely disabled Secure Boot protections. Once that happens, unsigned UEFI modules can run freely. Attackers can then install stealthy, low-level malware known as bootkits, malware that operates below the Windows operating system itself. For hackers, this method offers the ultimate persistence. Binarly reported the flaw to CERT/CC in February 2025. At first, it appeared to affect only a single module. But Microsoft's deeper investigation uncovered a bigger problem. The same vulnerability affected 14 modules signed with the same trusted certificate. Microsoft responded in June 2025 by revoking the cryptographic hashes of all 14 affected modules. These hashes were added to the Secure Boot revocation list, known as the dbx. This prevents the modules from running during startup. However, this protection is not automatic. Unless users or organizations manually apply the updated dbx, their systems remain vulnerable, even with other patches installed. Binarly revealed that the vulnerable tool had been online since late 2022. Someone uploaded it to VirusTotal in 2024, but it went unnoticed for months. At this point, it's unclear whether any attackers have used it in the wild. We reached out to Microsoft for comment but did not receive a response before our deadline. Protecting your PC doesn't have to be complicated. Just follow these simple steps to keep hackers at bay and your information safe. 1. Keep your computer updated: Software updates aren't just about new features. They fix serious security issues. In this case, Microsoft has already released a fix for the Secure Boot vulnerability, but it only works if your system is fully updated. Just head to your settings, open Windows Update, and make sure everything is installed. A lot of people delay updates for weeks, but these patches are the first line of defense against threats like this. 2. Don't install tools you don't fully understand: It might be tempting to download apps that claim to speed up your computer or fix problems, especially ones recommended in YouTube videos or tech forums. But that's exactly how a lot of threats sneak in. This particular vulnerability came from a legitimate-looking tool that was misused. So, if you're not sure what something does or if it asks for permission to change how your system boots up, skip it. Or ask someone who knows more, before you click anything. 3. Use strong antivirus software and leave it running: Even though this new threat targets something deep inside the system, having strong antivirus protection still helps catch related malware. If you're on Windows, Defender is already built in and does a decent job. But if you don't want to rely on Windows' built-in tools, use a third-party antivirus. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices by visiting 4. Restart your computer every now and then: This one sounds basic, but it matters. A lot of updates don't fully apply until after a restart. If you keep putting your computer to sleep or hibernating it for days at a time, your system might still be stuck in an unsafe state. Try to restart it at least every couple of days, or whenever an update asks for it. 5. Don't ignore warnings from Windows or your antivirus: If something pops up telling you a file looks dangerous or that an update is needed, pay attention. It's easy to get into the habit of closing these messages without reading them, but that's how problems get missed. If a warning looks confusing or too technical, take a screenshot or a photo, and ask someone for help. The important thing is not to ignore it and move on. 6. Remove your personal data from people-search sites: Even if hackers don't directly target you through the Secure Boot flaw, many cyberattacks begin by gathering personal information that's easily found online. This can include your full name, address, phone number and even the names of your relatives. Data broker websites collect and publish this information without your consent, putting you at greater risk. Using a personal data removal service helps you reduce your online exposure and make it harder for bad actors to target you. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap - and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services and get a free scan to find out whether your personal information is already out on the web by visiting Get a free scan to find out if your personal information is already out on the web: Secure Boot is supposed to be a final safeguard, a last barrier that ensures only verified code can load when a device starts. But this vulnerability shows how easily that trust can be broken. If a single signed utility can disable the entire system's protection, then the foundation of device security starts to look worryingly thin. Do you think Microsoft is doing enough to keep your PC secure? Let us know by writing us at Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my Copyright 2025 All rights reserved.
Forbes
11-06-2025
- Forbes
Microsoft Windows Secure Boot Bypass Confirmed — Update Now
Update now as Windows Secure Boot bypass confirmed. The second Tuesday of every month is always a busy one for users of the Microsoft Windows operating system, for it is then when the monthly security rollout happens. Truth be told, Patch Tuesday is less important than Exploit Wednesday; now, threat actors are aware of the confirmed vulnerabilities, and the race is on between attackers and those who would defend against them. We've already seen reports of a zero-day threat to all Windows users, where the attacks started some months ago, and while there are no known exploits of CVE-2025-3052 in the wild, that's no reason to take it any less seriously. Why so? Because this is a Secure Boot bypass that could open up your system to further attacks and compromise. I always get a bit jittery whenever I hear of a new vulnerability that can enable a bypass of the Windows Secure Boot protections. I don't really need to explain why, do I? Suffice to say, Secure Boot is what stops your Windows device from loading insecure operating system images during boot-up. You know, the kind of backdoors that cybercriminals and surveillance states would just love to drop in there. Anyhoo. Please excuse my jitters, then, as I reveal that security researchers at Binarly Research managed to uncover just such a vulnerability impacting the Secure Boot process. Classified by the Common Vulnerabilities and Exposures database as CVE-2025-3052, this one's a doozy: it is capable of turning the protections off and allowing malware to be installed on your Windows PCs and servers. CVE-2025-3052 would appear to impact most devices that support the Unified Extensible Firmware Interface. It is a memory corruption issue that sits within a module signed with Microsoft's third-party UEFI certificate and can be exploited to run unsigned code during the boot process. 'Because the attacker's code executes before the operating system even loads,' the Binarly Research report said, 'it opens the door for attackers to install bootkits and undermine OS-level security defenses.'
Tom's Guide
10-06-2025
- Tom's Guide
Major Windows Secure Boot flaw can be used by hackers to install bootkit malware — update your PC right now
Sometimes the features designed to keep our computers safe can put us most at risk thanks to a worrying security flaw that can be exploited by hackers in their attacks. As reported by BleepingComputer, a new Secure Boot bypass (tracked as CVE-2025-3052) was recently discovered that can be used to disable Windows 11's built-in security measures to install bootkit malware. Unlike your typical Windows malware, bootkit malware targets your computer's boot process which allows an attacker to gain full control over your operating system before it even loads. To make matters worse, this type of malware is also persistent and can remain on your PC even after you reinstall Windows. Here's everything you need to know about this new Secure Boot flaw and why it's imperative that you update your Windows PC right now to stay safe from any attacks exploiting it. According to a new blog post, this flaw was discovered by Binarly security researcher Alex Matrosov after he found a BIOS-flashing utility online. Signed with Microsoft's UEFI signing certificate, the utility in question was originally designed for rugged tablets. However, it can run on any of the best Windows laptops or desktops with Secure Boot enabled. First introduced back in 2012 with the release of Windows 8, Secure Boot was created to protect against bootkit malware by ensuring that only trusted software could load during a PC's startup sequence. Ironically, thanks to this flaw, Secure Boot-enabled PCs are now vulnerable to the very thing this security feature was designed to protect against. Following an investigation, it was discovered that the vulnerable module in the utility found by Mastrosov had been available online since at least the end of 2022, though it wasn't until last year that it was uploaded to the malware detection service VirusTotal. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. To show how serious this flaw was, he and the team at Binarly created a proof of concept (PoC) exploit that set the LoadImage function used to enforce Secure Boot to zero which effectively disabled it. With this feature disabled, an attacker can install bootkit malware that can hide from both Windows and any security software installed on a system. Back in February of this year, Mastrosov disclosed the flaw to Microsoft and a fix for it was created. However, while it worked to address the flaw, the software giant determined that it impacted 13 other modules which then had to be fixed as well. So how do you protect yourself from malware that starts before Windows even loads and can easily bypass the best antivirus software? Well, by updating your PC with the latest security updates from Microsoft. In June's Patch Tuesday updates, Microsoft has included a fix for this major security flaw along with patches for other recently discovered vulnerabilities. However, the company has also added 14 new hashes to its Secure Boot dbx revocation list. Fortunately for you, this updated dbx file is contained within Microsoft's latest round of Patch Tuesday updates. While installing the latest Windows updates may seem tedious at times, I highly recommend that you stop and take the time to do so as Microsoft often includes fixes for a variety of different security flaws while also adding new features to its operating system. Given that Patch Tuesday takes place on the second Tuesday of every month, at least you know ahead of time when these very important updates will arrive. This way, you can set aside the time needed to install them or better yet, set your PC to install them automatically. When dealing with security flaws that can bypass your antivirus software, the best identity theft protection services can help you recover your identity as well as any funds lost to malware or other scams as a result of them. Keep in mind though that for identity theft insurance to pay out, you need to be signed up for one of these services before an attack takes place. Although this Secure Boot bypass is worrying, it's worth noting that it wasn't exploited by hackers in the wild. Instead, security researchers created an exploit for it in order to show how dangerous this flaw could be if knowledge of it ended up in the wrong hands. Either way, it's a great reminder as to why it's so important to keep your PC (and all of the computers in your household for that matter) up to date.
