You must log in or register to comment.
Tutaj obszerniejszy blogpost o tych lukach.
luki bezpieczeństwa
These drivers immediately caught our attention by their very unfortunate (but surprisingly honest) names: SecureBackDoor and SecureBackDoorPeim. After some initial analysis, we discovered other Lenovo drivers sharing a few common characteristics with the SecureBackDoor* drivers: ChgBootDxeHook and ChgBootSmm. As it turned out, their functionality was even more interesting and could be abused to disable UEFI Secure Boot (CVE-2021-3972).
AAAARGH. Czas przerzucić się na jakiś niszowy hardware w nadziei, że to chociaż podniesie koszta ataku.