![[article image]](https://cacm.acm.org/system/assets/0004/4692/012423_MSI_motherboard.large.jpg?1674580492&1674580492 "The MSI PRO Z790-A WiFi motherboard.")
Polish security researcher Dawid Potocki discovered a vulnerability in MSI's motherboards that occurred when the Secure Boot default settings for "Image Execution Policy" was changed to "Always Execute."
With this firmware setting, the motherboard will allow an untrusted operating system to run even if security violations are detected.
Potocki identified over 290 MSI motherboards at risk of malware.
Users must check the Secure Boot settings to determine whether their system is affected.
To fix the issue, users should update firmware to the latest version and ensure the "Image Execution Policy" for "Removable Media" and "Fixed Media" is set to "Deny Execute."
From PC Magazine
View Full Article
Abstracts Copyright © 2023 SmithBucklin, Washington, DC, USA
