Exploring the BootHole Vulnerability

Presented by

Jesse Michael and Mickey Shaktov, Principal Researchers, Eclypsium

About this talk

The BootHole vulnerability, disclosed by Eclypsium researchers Mickey Shkatov and Jesse Michael in July, exposes billions of devices to attack. The vulnerability they discovered in the GRUB bootloader can be used to gain arbitrary code execution during the boot process even when Secure Boot is enabled. This can allow attackers to install persistent and stealthy bootkits, rootkits, or malicious bootloaders that would provide full control over the victim device. In this webinar you’ll learn: - How researchers found this vulnerability - Why threats to the boot process are so dangerous - Exactly how the BootHole vulnerability works - How the industry came together to address this vulnerability - Why the mitigation process is so complicated - The steps you can take to protect your devices Note: If you’re primarily looking for advice on mitigation - please see our webinar “Managing the Hole in Secure Boot”

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (50)
Subscribers (3193)
Eclypsium is the industry’s leading enterprise firmware protection platform - providing a new layer of security to protect your IT infrastructure from firmware attacks. Eclypsium defends enterprises and government agencies from vulnerabilities and threats hidden within firmware that are invisible to most organizations today.