Today, almost all Linux distributions, as well as many Windows devices, use the GRUB2 bootloader. According to researchers, hackers can gain almost full access to these devices, regardless of the Secure Boot setting.
However, to access these systems, hackers must first gain administrative privileges before they can make changes to the bootloader configuration. Although administrative rights are needed, "BootHole" remains a serious problem, affecting a large percentage of users.
Therefore, many companies are already working with Eclypsium to remove "BootHole" from future distributions. Other companies, such as Red Hat, have already announced some security fixes for their products.
At the same time, the Debian development team is performing a complete check of the GRUB2 bootloader code. Because Debian 10 "buster" is the first version that contains UEFI Secure Boot, the team wants to improve the operating system's bootloader before the release of version 10.5, which will come in early August.
In addition to the Debian development team, the SUSE Linux team has also made several improvements to the GRUB2 bootloader. According to Marcus Meissner, the "BootHole" bug has already been removed from all SUSE Linux products. Additionally, the distributions include other enhancements, such as updates to kernel packages.
Of course, all known Linux distributions have already been updated. For example, Canonical has announced improved versions of Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS and 20.04 LTS.
In addition to the "BootHole" bug, Eclypsium researchers have discovered some more vulnerabilities, known as CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706 and CVE-2020-15707. For this reason, the teams behind the vulnerable distributions recommend that users update their operating systems immediately so that they can avoid future attacks.