Huge BootHole flaw in GRUB2 bootloader leaves millions of Windows and Linux systems at risk from hackers

A serious vulnerability dubbed BootHole has been discovered in the GRUB2 bootloader. Millions of systems run the risk of being exposed to hackers -- primarily those running Linux, but Windows is also affected. Discovered by security researchers at Eclypsium, the BootHole vulnerability has been assigned CVE-2020-10713 ("GRUB2: crafted grub.cfg file can lead to arbitrary code execution during boot process") and a CVSS rating of 8.2. The flaw can be exploited to gain arbitrary code execution during the boot process, even when Secure Boot is enabled and virtually all Linux distributions are affected. But more than this, the vulnerability also leaves… [Continue Reading]