New Flaw in Acer Laptops Let Attackers Disable Boot Protection

Consultants from Acer noticed more than one Acer notebook computer units maintain vulnerabilities that would let hackers disable the ‘Gain Boot’ characteristic and safety checks to install malware.

The vulnerability, tracked as CVE-2022-4020 (CVSS accumulate of 8.1), used to be came all the plan in which by strategy of in the HQSwSmiDxe DXE driver, which examines to gaze if the NVRAM variable “BootOrderSecureBootDisable” is unusual to disable Gain Boot.

“Researchers maintain identified a vulnerability that can allow changes to Gain Boot settings by organising NVRAM variables (the true worth of the variable is no longer critical, easiest the existence is checked by the affected firmware drivers),” Acer

This high-severity vulnerability impacts five different units that consist of Aspire A315-22, A115-21, and A315-22G, and Extensa EX215-21 and EX215-21G.

Martin Smolar, an ESET safety researcher, is credited for discovering and disclosing the vulnerability.

Hackers Disable Gain Boot Feature and Security Checks

The Gain Boot safety characteristic blocks untrusted working systems bootloaders on pc systems with a Relied on Platform Module (TPM) chip and Unified Extensible Firmware Interface (UEFI) firmware to forestall malicious code fancy rootkits and bootkits from loading throughout the startup assignment.

Researchers deliver threat actors can hijack the OS loading assignment, load unsigned bootloaders to avoid or disable protections, after which delivery malicious payloads with administrative capabilities on affected Acer laptops after exploiting the vulnerability and disabling Gain Boot.

“By disabling the Gain Boot characteristic, an attacker can load their very maintain unsigned malicious bootloader to allow absolute aid watch over over the OS loading assignment”, Acer

“This can allow them to disable or bypass protections to silently deploy their very maintain payloads with the machine privileges”.

Strategies to Unravel This Sigh?

To repair this grunt, Acer advises updating your BIOS to the most modern version.

“Acer recommends updating your BIOS to the most modern version to resolve this subject. This update will seemingly be integrated as a excessive Home windows update,” the firm added.

Customers can manually install the BIOS update on impacted PCs by downloading it from the firm’s make stronger net page.

Notably, early in November, ESET issued a warning relating to the Lenovo flaw and urged clients to at as soon as update the BIOS on affected systems.

The cybersecurity firm is now alerting clients to this Acer vulnerability and advising them to acknowledge out for patches.

“As effectively as to Lenovo vulnerabilities we disclosed earlier this month, we came all the plan in which by strategy of one other the same vulnerability in Acer laptops. Same as in Lenovo case, it lets in deactivating UEFI Gain Boot by organising NVRAM variable without prolong from OS,” in step with ESET

Gain Internet Gateway – Internet Filter Principles, Exercise Tracking & Malware Protection – Download Free E-Book