SecurityWeek ·EN-US News source ResearchUEFI Shim bootloaderSecure Boot
Old UEFI Shims Expose Systems to Secure Boot Bypass
CVE Tools coverage
Researchers at ESET have identified nearly a dozen outdated UEFI shim bootloaders signed by Microsoft that could allow attackers to bypass Secure Boot protections. These shims, used to enable Linux distributions to boot securely, were not updated by some vendors and remained trusted despite known vulnerabilities. Microsoft revoked the affected shims on June 2026 Patch Tuesday, assigning them CVE identifiers CVE-2026-8863 and CVE-2026-10797. Attackers could exploit these flaws to execute malicious code during the boot process, undermining Secure Boot even when enabled.