
CERT/CC UEFI DBX mitigation for vendor-signed applications

Advisory/Mitigation
H score 28
1 unique source, 1 article

Summary


CERT/CC issued mitigation guidance to apply UEFI Forbidden Signature Database (DBX) updates, reducing Secure Boot bypass risk for affected vendor-signed UEFI applications. The advisory covers binaries from Acer, AMD, ASUS, ECS, Getac, GIGABYTE, Toshiba, and Uniwill. Administrators are being told to revoke trust in the affected binaries before they can execute during boot.

Related Happenings

GIGABYTE security patch release for CVE-2026-4415

Security Patch Release
H score 39 First: 01.04.2026 01:28 Last: 01.04.2026 01:28 Sources 1

About this happening: **GIGABYTE** is directing users of **Control Center** to upgrade to **25.12.10.01** to mitigate **CVE-2026-4415**, a flaw that exposed systems to remote file writes. The update ma...

IP KVM devices unauthenticated root access and command execution flaws (multiple vulnerabilities)

Vulnerability
H score 39 First: 18.03.2026 13:42 Last: 18.03.2026 13:42 Sources 1

About this happening: Nine **IP KVM vulnerabilities** across **GL-iNet Comet RM-1**, **Angeet/Yeeso ES3 KVM**, **Sipeed NanoKVM**, and **JetKVM** can expose attached hosts to **root access** and **comm...

Windows 10 KB5075912 February 2026 Patch Tuesday update

Security Patch Release
H score 26 First: 10.02.2026 21:06 Last: 10.02.2026 21:06 Sources 1

About this happening: **Microsoft** released **Windows 10 KB5075912** for **February 2026 Patch Tuesday**, delivering security fixes for **58 vulnerabilities** including **six actively exploited zero-d...

Microsoft January 2026 Patch Tuesday 114-flaw security update (multiple vulnerabilities)

Security Patch Release
H score 40 First: 13.01.2026 20:34 Last: 13.01.2026 20:34 Sources 1

About this happening: **Microsoft** released its **January 2026 Patch Tuesday** update, fixing **114 flaws** and raising urgency because it includes **one actively exploited** issue and **two publicly...

Motherboard firmware updates for UEFI DMA flaw (ASUS, Gigabyte, MSI, ASRock)

Security Patch Release
H score 16 First: 19.12.2025 17:54 Last: 19.12.2025 17:54 Sources 1

About this happening: **ASUS**, **Gigabyte**, **MSI**, and **ASRock** issued **security bulletins** and **firmware updates** for impacted **motherboard models** after a disclosed **UEFI DMA flaw** expo...

Timeline

  1. 19.06.2026 21:33 2 articles · 3h ago

    CERT/CC advises DBX updates to block Secure Boot bypass on vulnerable UEFI applications

    Mitigation Patch Update

    CERT/CC advises system administrators to apply updates to the UEFI Forbidden Signature Database (DBX) to revoke trust in affected vendor-signed binaries from Acer, AMD, ASUS, ECS, Getac, GIGABYTE, Toshiba, and Uniwill. The guidance is intended to prevent a BYOVD attack path that could let an attacker with administrative privileges or physical access execute arbitrary code during the early pre-boot phase before the operating system initializes.
