ESET, a cybersecurity company, has discovered a flaw in Acer laptops. This bug doesn't seem to be new: ESET discovered the vulnerability in Lenovo laptops. However, this time it affects several models of Acer laptops.
a technical advisory. The bug allows hackers to bypass security measures and disable Secure Boot.
Information about vulnerability
ESET gave the vulnerability a CVSS score of 8.1 and identified it as . It was discovered in the HQSwSmiDxe DXE driver, which checks for the 'BootOrderSecureBootDisable' NVRAM variable in order to deactivate UEFI (Unified Extensible Firmware Interface) Secure Boot.
With Secure Boot disabled, attackers can load their own unsigned malicious bootloader, which gives them complete control of the OS loading process. They can also bypass and disable security protections in order to install malicious payloads discreetly, according to ESET.
Researchers explained that a vulnerability in the HQSwSmiDxe driver on some consumer Acer notebooks may enable an attacker with elevated privileges to modify UEFI Secure Boot settings by modifying an NVRAM value. NVRAM stands for non-volatile random-access memory.
Acer’s explanation
UEFI is the firmware interface responsible for launching a computer's OS at startup. Secure Boot is responsible for ensuring that no malicious code gets loaded during the device's boot.
Acer explained that the vulnerability allows an attacker to alter the mechanism's settings through the creation of NVRAM variables. The firmware driver only checks that the variables are present and does not verify their value.
This bug affects at least five Acer models: A315-22, A115-21 and A315-22G, as well as Extensa EX215-21 and EX215-21G. Acer is currently working to fix the problem with a BIOS upgrade. This update will soon be available from Acer and included as a Critical Windows Update. Acer recommends that users upgrade to the most recent BIOS version.
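Because the driver reacts to the mere presence of the variable, a defender can audit a machine for it from Linux. The following is an added example, not code from ESET or Acer: it assumes the standard efivarfs mount and file layout (4 attribute bytes followed by the data), and it matches on the variable name only because the article does not give the vendor GUID.

```python
import os
import struct

# Variable name as given in the article; efivarfs files are named <Name>-<GUID>.
SUSPECT_NAME = "BootOrderSecureBootDisable"
# SecureBoot lives under the EFI global-variable GUID from the UEFI specification.
SECURE_BOOT_FILE = "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"
EFIVARS_DIR = "/sys/firmware/efi/efivars"  # default efivarfs mount point


def read_efivar(path):
    """Return (attributes, data) for one efivarfs file."""
    with open(path, "rb") as fh:
        raw = fh.read()
    if len(raw) < 4:
        raise ValueError("efivarfs entry shorter than its attribute header")
    (attrs,) = struct.unpack("<I", raw[:4])
    return attrs, raw[4:]


def audit(efivars_dir=EFIVARS_DIR):
    """Report Secure Boot state and any variable with the suspect name.

    The variable is flagged on presence alone, whatever its value, because
    that is the only thing the affected driver is described as checking.
    """
    result = {"secure_boot": None, "suspect_vars": []}
    try:
        names = sorted(os.listdir(efivars_dir))
    except OSError:
        return result  # legacy BIOS boot, or efivarfs not mounted
    for name in names:
        if name == SECURE_BOOT_FILE:
            try:
                _, data = read_efivar(os.path.join(efivars_dir, name))
                result["secure_boot"] = len(data) > 0 and data[0] == 1
            except (OSError, ValueError):
                pass  # unreadable entry: leave the state unknown
        elif name.startswith(SUSPECT_NAME + "-"):
            result["suspect_vars"].append(name)
    return result


if __name__ == "__main__":
    report = audit()
    print("Secure Boot enabled:", report["secure_boot"])
    print("Suspect NVRAM variables:", report["suspect_vars"] or "none")
```

A non-empty `suspect_vars` list on one of the affected models is worth investigating even when `secure_boot` still reads true, since the setting may only change on the next boot.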