SDxCentral

VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature

A vulnerability in the user of hard-coded Platform Keys (PK) within the UEFI framework, known as PKfail, has been discovered. This flaw allows attackers to bypass critical UEFI security mechanisms ...
Business Wire

Binarly to Unveil New Findings on Critical PKfail Issue at LABScon 2024

LOS ANGELES--(BUSINESS WIRE)--Binarly, provider of the industry leading AI-powered firmware and software supply chain security platform, will present significant new insights into the critical PKfail ...
TechSpot

PKfail security flaw is far more extensive than initially thought

Facepalm: Binarly analysts have issued a new warning just a couple of months after unveiling a security issue related to compromised platform keys used to enforce Secure Boot protection. The PKfail ...
Dark Reading

Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue

Attackers can bypass the Secure Boot process on millions of Intel and ARM microprocessor-based computing systems from multiple vendors, because they all share a previously leaked cryptographic key ...
Bleeping Computer

PKfail Secure Boot bypass remains a significant risk two months later

Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit ...