Devices from manufacturers such as Acer, Dell, HP, and Lenovo are at risk of malicious firmware being executed at boot time due to a vulnerability called PKfail. Cybersecurity professionals should now examine their devices for this vulnerability and have a plan to fix all affected devices. Otherwise, businesses will be at risk of data breaches.
How PKfail Works
The PKfail vulnerability occurred because platform keys (PKs) intended only for testing were shipped in production firmware, and the private halves of those keys were later leaked. A leaked PK lets an attacker who can write the Secure Boot variables modify Secure Boot and execute malicious firmware. AMI, an independent BIOS vendor (IBV), sells Unified Extensible Firmware Interface (UEFI) firmware to device manufacturers, who build on this firmware to make it usable for their hardware. AMI created PKs to test its UEFI firmware; each device manufacturer should replace them with its own keys once the firmware is customized. Many device manufacturers …
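One way to examine a Linux device for the condition described above, as an added example that is not code from the article, from AMI, or from any device vendor: read the PK variable from efivarfs, parse the EFI_SIGNATURE_LIST structures the UEFI specification defines, and scan each X.509 entry for the "DO NOT TRUST" text that the AMI test certificates carry in their subject. The efivarfs path, the attribute-word prefix and the signature-list layout follow the UEFI specification; the marker string is not stated on this page and should be compared against your vendor's advisory; the sample variable blobs are constructed here so the script runs offline.

```python
"""Inspect a UEFI Platform Key (PK) variable for the AMI test-key marker."""
import struct
import uuid
from pathlib import Path
from typing import Iterator, Optional, Tuple

# GUIDs defined by the UEFI specification.
EFI_GLOBAL_VARIABLE = uuid.UUID("8be4df61-93ca-11d2-aa0d-00e098032b8c")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
# efivarfs exposes each variable as NAME-GUID under this directory.
PK_EFIVAR = Path(f"/sys/firmware/efi/efivars/PK-{EFI_GLOBAL_VARIABLE}")

# Text found in the subject of the AMI test certificates (assumption: verify
# the exact marker against your vendor's advisory before relying on it).
TEST_KEY_MARKER = b"DO NOT TRUST"


def parse_signature_lists(data: bytes) -> Iterator[Tuple[uuid.UUID, uuid.UUID, bytes]]:
    """Yield (SignatureType, SignatureOwner, SignatureData) for every entry in a
    concatenation of EFI_SIGNATURE_LIST structures.

    Layout per list: 16-byte type GUID, u32 SignatureListSize, u32
    SignatureHeaderSize, u32 SignatureSize, optional header, then entries of
    SignatureSize bytes, each starting with a 16-byte owner GUID.
    """
    off = 0
    while off + 28 <= len(data):
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        # Guard against truncated or self-referential sizes (also avoids an
        # infinite loop on SignatureSize == 0).
        if list_size < 28 or off + list_size > len(data) or sig_size <= 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST")
        pos = off + 28 + hdr_size
        end = off + list_size
        while pos + sig_size <= end:
            owner = uuid.UUID(bytes_le=data[pos:pos + 16])
            yield sig_type, owner, data[pos + 16:pos + sig_size]
            pos += sig_size
        off = end


def assess_pk(var_bytes: Optional[bytes]) -> str:
    """Classify a raw efivarfs read of PK.

    Returns 'setup-mode' when no PK is enrolled (Secure Boot cannot be
    enforced), 'test-key' when an X.509 entry carries the test marker, and
    'ok' otherwise. DER encodes the subject CN as a printable/UTF-8 string,
    so the marker appears as plain ASCII inside the certificate bytes.
    """
    if not var_bytes:
        return "setup-mode"
    payload = var_bytes[4:]  # efivarfs prepends the 32-bit attribute word
    for sig_type, _owner, cert in parse_signature_lists(payload):
        if sig_type == EFI_CERT_X509_GUID and TEST_KEY_MARKER in cert:
            return "test-key"
    return "ok"


def build_signature_list(cert: bytes, owner: uuid.UUID) -> bytes:
    """Wrap one certificate blob in a single-entry EFI_SIGNATURE_LIST."""
    sig_size = 16 + len(cert)
    list_size = 28 + sig_size
    return (EFI_CERT_X509_GUID.bytes_le
            + struct.pack("<III", list_size, 0, sig_size)
            + owner.bytes_le + cert)


# Constructed sample data: stand-ins for DER certificates, not real keys.
_ATTRS = struct.pack("<I", 0x27)  # NV | BS | RT | TIME_BASED_AUTH, as on a real PK
_OWNER = uuid.UUID("11111111-2222-3333-4444-555555555555")  # placeholder owner
SAMPLE_TEST_PK = _ATTRS + build_signature_list(
    b"\x30\x82\x00\x00CN=DO NOT TRUST - AMI Test PK", _OWNER)
SAMPLE_OEM_PK = _ATTRS + build_signature_list(
    b"\x30\x82\x00\x00CN=Example OEM Platform Key", _OWNER)


def read_live_pk() -> Optional[bytes]:
    """Read the platform's PK via efivarfs; None if it is not present."""
    return PK_EFIVAR.read_bytes() if PK_EFIVAR.exists() else None


if __name__ == "__main__":
    live = read_live_pk()
    if live is None:
        print("no PK variable found (not UEFI, or Setup Mode); demo on samples:")
        print("  constructed test PK ->", assess_pk(SAMPLE_TEST_PK))
        print("  constructed OEM PK  ->", assess_pk(SAMPLE_OEM_PK))
    else:
        print("live PK ->", assess_pk(live))
```

A "test-key" result is a finding to take to the vendor's firmware update, not something the script repairs; on hardware the PK is only changeable through an authenticated variable write or a firmware update, and the check should be repeated after the update is applied.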