Revisions
- 1.0: August 6, 2020: Initial release
Summary
Most modern computers can boot using one of two methods: BIOS or UEFI. UEFI includes a feature called Secure Boot. When enabled this feature allows the computer to only boot approved software, e.g. official releases of operating systems such as Microsoft Windows or Red Hat Enterprise Linux. When using BIOS or UEFI without Secure Boot enabled then non-approved and possibly malicious software can be booted on the system.
Recently, researchers at Eclypsium discovered a vulnerability in Secure Boot that they’ve named “BootHole”. This vulnerability allows an attacker to bypass the Secure Boot protection to boot non-approved and possibly malicious software. All Veritas appliances are shipped configured to boot using either BIOS or using UEFI with Secure Boot disabled. Therefore, no Veritas appliances are impacted by this vulnerability.