User of an Acer PC? Update your BIOS now!


Robin Lamorlette

November 29, 2022 at 12:52 p.m.


Many Acer laptops are affected by a recently disclosed vulnerability related to UEFI Secure Boot, which requires an urgent BIOS update.

The flaw was spotted by ESET malware researcher Martin Smolar. It allows an outsider with elevated privileges to tamper with Secure Boot settings and infect the affected devices with malware.

Another flaw related to Secure Boot

Like Lenovo a few weeks ago, Acer now has laptops affected by a security flaw related to UEFI. More specifically, the flaw was found in the HQSwSmiDxe DXE driver, present on the following Acer notebook models: Aspire A315-22, A115-21, A315-22G, Extensa EX215-21 and EX215-21G.

This makes it very easy for outside attackers to disable the UEFI Secure Boot feature, the purpose of which is to block programs deemed untrustworthy on TPM-enabled systems with UEFI firmware.

Disabling Secure Boot simply involves creating NVRAM variables. Once that is done, the attacker can take control of the operating system and inject malicious programs into it, bypassing or disabling the computer's protections by granting themselves elevated privileges.

A BIOS update is already available, pending a Windows update

To fix this critical flaw quickly, Acer recommends promptly updating the BIOS of the affected devices to the most recent version. The fix will later be incorporated into a critical Windows update.

The latest version of the BIOS can therefore be downloaded from the Acer support site and deployed manually on the affected systems, rather than waiting for it to arrive via Windows.

This threat is certainly not to be taken lightly, since malicious programs deployed after Secure Boot has been disabled can persist on the system, even after it is reinstalled. Since the device no longer considers them questionable programs, protections against malware and other security solutions are ineffective.
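A fleet check along these lines, as an added example that is not from Acer, ESET or the original article: it matches the model numbers listed above and reads the firmware-reported Secure Boot state on a Linux host. The sysfs paths are the standard efivarfs and DMI locations; the function names, result labels and sample bytes are assumptions constructed for illustration.

```python
import struct
from pathlib import Path

# Model numbers the article lists as affected.
AFFECTED_MODELS = {"A315-22", "A115-21", "A315-22G", "EX215-21", "EX215-21G"}

# Standard Linux locations (efivarfs, DMI sysfs) and the EFI global variable GUID.
EFIVARS = Path("/sys/firmware/efi/efivars")
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
DMI_PRODUCT = Path("/sys/class/dmi/id/product_name")


def parse_efivar(raw: bytes):
    """Split an efivarfs file into (attributes, data): 4-byte LE attributes, then payload."""
    if len(raw) < 4:
        raise ValueError("efivarfs entry shorter than its 4-byte attribute header")
    (attrs,) = struct.unpack_from("<I", raw)
    return attrs, raw[4:]


def secure_boot_enabled(raw: bytes) -> bool:
    """SecureBoot holds one byte: 1 = enforced, 0 = off. Anything else is treated as off."""
    _, data = parse_efivar(raw)
    return len(data) == 1 and data[0] == 1


def is_affected_model(product_name: str) -> bool:
    """Exact match on the model token, so 'A315-23' does not match 'A315-22'."""
    return any(tok in AFFECTED_MODELS for tok in product_name.upper().split())


def assess(product_name: str, secureboot_raw) -> str:
    """secureboot_raw is None when the variable is missing (legacy boot or no efivarfs)."""
    enabled = secureboot_raw is not None and secure_boot_enabled(secureboot_raw)
    if not is_affected_model(product_name):
        return "not-listed"
    return "update-bios" if enabled else "update-bios-and-investigate"


def assess_local_host() -> str:
    """Run the same assessment against the machine this script executes on."""
    var = EFIVARS / f"SecureBoot-{EFI_GLOBAL_GUID}"
    raw = var.read_bytes() if var.exists() else None
    return assess(DMI_PRODUCT.read_text().strip(), raw)


# Constructed sample inputs (not captured from real hardware).
SAMPLE_ON = bytes([0x06, 0, 0, 0, 0x01])   # attributes BS|RT, value 1
SAMPLE_OFF = bytes([0x06, 0, 0, 0, 0x00])  # attributes BS|RT, value 0
```

A listed model that reports Secure Boot as off still needs the BIOS update; the second label only marks it for a closer look at why the setting is disabled.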

Source: National Vulnerability Database


