Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Framework UEFI Secure Boot bypass mitigation guidance

Advisory/Mitigation
First reported
Last updated
Happening score
H score 19
1 unique sources, 1 articles

Summary

Hide ▲

Framework advised impacted Linux users to install available security updates and use a BIOS DB-key workaround to limit Secure Boot bypass risk across about 200,000 systems. Where patches are not yet available, the guidance adds physical access prevention as a temporary control. The mitigations target shipped signed UEFI shell components that can be abused to load bootkits and persist across reboots.

Related Happenings

Windows 10 KB5082200 April 2026 Patch Tuesday security update

Security Patch Release
First: 14.04.2026 21:09 Last: 14.04.2026 21:09 Sources 1

About this happening: Microsoft released **Windows 10 KB5082200** for **April 2026 Patch Tuesday**, closing **167 vulnerabilities** including **two zero-days** on supported **Windows 10** systems. The...

Open Happening

IP KVM devices unauthenticated root access and command execution flaws (multiple vulnerabilities)

Vulnerability
First: 18.03.2026 13:42 Last: 18.03.2026 13:42 Sources 1

About this happening: Nine **IP KVM vulnerabilities** across **GL-iNet Comet RM-1**, **Angeet/Yeeso ES3 KVM**, **Sipeed NanoKVM**, and **JetKVM** can expose attached hosts to **root access** and **comm...

Open Happening

Windows 10 KB5075912 February 2026 Patch Tuesday update

Security Patch Release
First: 10.02.2026 21:06 Last: 10.02.2026 21:06 Sources 1

About this happening: **Microsoft** released **Windows 10 KB5075912** for **February 2026 Patch Tuesday**, delivering security fixes for **58 vulnerabilities** including **six actively exploited zero-d...

Open Happening

Microsoft Windows 10 KB5073724 extended security update

Security Patch Release
First: 13.01.2026 20:56 Last: 13.01.2026 20:56 Sources 1

About this happening: Microsoft's **KB5073724** extended security update for **Windows 10** closes **114 vulnerabilities**, including **3 zero-days**, and addresses expiring **Secure Boot certificates*...

Open Happening

Microsoft January 2026 Patch Tuesday 114-flaw security update (multiple vulnerabilities)

Security Patch Release
First: 13.01.2026 20:34 Last: 13.01.2026 20:34 Sources 1

About this happening: **Microsoft** released its **January 2026 Patch Tuesday** update, fixing **114 flaws** and raising urgency because it includes **one actively exploited** issue and **two publicly...

Open Happening

Timeline

  1. 14.10.2025 16:22 2 articles · 7mo ago

    Framework issues Secure Boot bypass mitigation guidance

    Mitigation Patch Update

    Framework began remediating vulnerabilities affecting roughly 200,000 Linux systems shipped with signed UEFI shell components containing the `mm` command, which can overwrite `gSecurity2` and bypass Secure Boot protections. Impacted users were advised to install available security updates, delete Framework's DB key via the BIOS where a patch is not yet available, and use physical access prevention as a temporary safeguard against bootkit persistence.

    Show sources
    Open in new tab