CVE Tools
Back to feed
Help Net Security ·EN-US News source ResearchUEFI Secure Boot shims

No one knows how many old shims can still bypass UEFI Secure Boot

By Mirko Zorz··4 min read
CVE Tools coverage

ESET researchers identified 11 outdated UEFI Secure Boot shims signed by Microsoft that could allow attackers to bypass secure boot protections. These shims, all at version 0.9 or lower, were revoked in Microsoft's June 9, 2026 Patch Tuesday update. The issue affects any system using the Microsoft Corporation UEFI CA 2011 certificate. Attackers can exploit this by copying an old shim along with a malicious second-stage loader onto a target device. Two vulnerabilities are involved: CVE-2026-8863 and CVE-2026-10797. Users are advised to apply the latest UEFI revocations and ensure their systems are updated.