Tagged articles

Secure Boot

15 articles · Page 1 of 1
IT Services Circle
Jul 2, 2026 · Operations

How Major PC Makers Are Rapidly Addressing the Windows 11 Secure‑Boot Certificate Update

The Windows UEFI CA 2023 Secure Boot certificate for Windows 11 is being delivered through Windows Update, but whether it actually lands in the firmware's certificate store depends on each OEM's firmware (BIOS) update; manufacturers such as ASUS, Lenovo, Dell, HP, MSI, Acer, Samsung, LG and Surface have published detailed guidance, manual steps and warnings for users.

BIOS update · OEM guidance · Secure Boot
10 min read
IT Services Circle
Jun 20, 2026 · Information Security

Win11 UEFI Update: Why It Could Brick Your PC

The article explains the role of the legacy UEFI CA 2011 certificate and its upcoming expiration on June 24, 2026, how Microsoft's new CA 2023 certificates coexist with it, the risks of revoking old certificates via the DBX, and what users should know before updating manually or relying on automatic updates, so they do not end up with a system that no longer boots.

CA 2011 · CA 2023 · Firmware Certificate
11 min read
ByteDance SE Lab
Jun 17, 2026 · Information Security

Server Firmware Security Practices for AI-Infra: Threat Modeling, Trusted Boot, and Large‑Scale Remediation

The article analyzes the rising firmware security challenges of AI‑Infra servers, presents a full‑machine threat model, outlines trusted‑boot and measurement architectures, shares a large‑scale CVE‑2023‑34335 remediation case, and discusses tools and long‑term security evolution for heterogeneous server fleets.

AI Infrastructure · BoardSentinel · Secure Boot
24 min read
Black & White Path
May 15, 2026 · Information Security

How the 'FailRelock' Flag Let Attackers Bypass BitLocker for the Fifth Time

A debug flag named FailRelock in the Windows Recovery Environment disables BitLocker relocking when set to 1, so an attacker with a USB drive and a modified INI file can gain full access to encrypted volumes. This is the fifth such bypass in five years; the article walks through the attack steps, technical analysis and mitigation advice.

BitLocker · Debug Flag · FailRelock
6 min read
ITPUB
May 4, 2026 · Fundamentals

Why Modern PCs Can’t Install Windows 7 Even With Patches

The article explains that the shift from BIOS to UEFI, combined with Windows 7’s lack of UEFI support, driver gaps, and security shortcomings, makes installing Windows 7 on current hardware extremely difficult despite patch workarounds.

BIOS · Boot Process · Legacy Support
8 min read
IT Services Circle
Apr 10, 2026 · Information Security

How BlackLotus UEFI Bootkit Bypasses Secure Boot and Microsoft’s Patch Roadmap

The BlackLotus UEFI bootkit (tracked by Microsoft as CVE‑2023‑24932) evades Windows Secure Boot by loading older, vulnerable boot managers that remain trusted under the 2011 signing certificates, prompting Microsoft to roll out a five‑phase patch series beginning May 2023: refresh the UEFI certificate stores, revoke the old boot managers via the DBX, and introduce visual status indicators as the 2011 certificates expire in 2026.

Bootkit · CVE-2023-24932 · Microsoft Patch
6 min read
Linux Tech Enthusiast
Jan 31, 2026 · Fundamentals

Essential U‑Boot Concepts and Practical Guide

This article provides a comprehensive overview of U‑Boot, covering its definition, boot stages, environment variables, command system, device‑tree usage, network and storage support, security features, debugging techniques, performance tuning, platform migration steps, and a comparison with other bootloaders, all illustrated with concrete code examples and tables.

Bootloader · Device Tree · Embedded
20 min read
IT Services Circle
Sep 23, 2025 · Information Security

How Microsoft’s 5‑Phase Secure Boot Update Tackles the BlackLotus UEFI Bootkit

Microsoft’s multi‑stage mitigation plan for the BlackLotus UEFI bootkit details five phases—from initial KB5025885 deployment to final forced enforcement—aimed at revoking vulnerable certificates, updating boot managers, and ensuring systems stay secure through automatic updates and manual activation steps.

Bootkit · Certificate Revocation · Microsoft
6 min read
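For the CA 2023 rollout described in the Jul 2, 2026 entry and the BlackLotus revocation covered in this one, the check a practitioner actually wants is whether the new certificates are in the firmware's KEK and db and whether the old Windows boot-manager CA has been pushed into the dbx. The PowerShell below is an added example for this listing, not code from either article or from Microsoft. It uses the cmdlets of Windows' built-in SecureBoot module and reads the servicing status values under HKLM\SYSTEM\CurrentControlSet\Control\SecureBoot\Servicing; the value names UEFICA2023Status and WindowsUEFICA2023Capable are taken from Microsoft's rollout documentation and are an assumption of the example, so verify them on your build. Run it from an elevated session.

```powershell
# Added example (not from the listed articles or from Microsoft): summarise where a
# Windows 11 host stands in the Secure Boot CA 2023 rollout and the BlackLotus revocation.
# Requires an elevated session on UEFI firmware; uses the built-in SecureBoot module.

function Get-UefiVarText {
    # Read a Secure Boot signature database (PK, KEK, db, dbx) as an ASCII string.
    # The DER certificates inside the EFI_SIGNATURE_LISTs carry their subject CN as
    # printable ASCII, so a substring match is enough to see which CAs are present.
    param([Parameter(Mandatory)][string]$Name)
    try {
        $bytes = (Get-SecureBootUEFI -Name $Name).Bytes
        return [System.Text.Encoding]::ASCII.GetString($bytes)
    } catch {
        return ''   # variable absent (e.g. dbx never provisioned) or Secure Boot unsupported
    }
}

function Get-SecureBootCertStatus {
    $r = [ordered]@{}

    # 1. Enforcement. Confirm-SecureBootUEFI throws on legacy BIOS / CSM boot.
    try { $r.SecureBootEnabled = Confirm-SecureBootUEFI } catch { $r.SecureBootEnabled = $false }

    # 2. KEK: a new KEK entry must be signed by the OEM's Platform Key, which is why the
    #    rollout depends on OEM firmware support and not on Windows Update alone.
    $kek = Get-UefiVarText -Name KEK
    $r.Kek2011Present = $kek -match 'Microsoft Corporation KEK CA 2011'
    $r.Kek2023Present = $kek -match 'Microsoft Corporation KEK 2K CA 2023'

    # 3. db (allow list): old and new Microsoft CAs.
    $db = Get-UefiVarText -Name db
    $r.Db_WindowsPCA2011    = $db -match 'Microsoft Windows Production PCA 2011'
    $r.Db_ThirdPartyCA2011  = $db -match 'Microsoft Corporation UEFI CA 2011'
    $r.Db_WindowsUefiCA2023 = $db -match 'Windows UEFI CA 2023'
    $r.Db_ThirdPartyCA2023  = $db -match 'Microsoft UEFI CA 2023'

    # 4. dbx (deny list): the BlackLotus (CVE-2023-24932) mitigation ends by revoking the
    #    2011 Windows boot-manager CA here. Once present, media whose boot manager is signed
    #    only by that CA (old install or recovery media) fails Secure Boot verification.
    $dbx = Get-UefiVarText -Name dbx
    $r.Dbx_WindowsPCA2011Revoked = $dbx -match 'Microsoft Windows Production PCA 2011'

    # 5. Servicing state Windows records while applying the CA 2023 update. Value names
    #    follow Microsoft's rollout documentation (assumption: verify on your build).
    $svc = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot\Servicing'
    $p = Get-ItemProperty -Path $svc -ErrorAction SilentlyContinue
    $r.UEFICA2023Status         = $p.UEFICA2023Status
    $r.WindowsUEFICA2023Capable = $p.WindowsUEFICA2023Capable

    # 6. A one-line verdict a fleet report can filter on.
    $r.Verdict = if (-not $r.SecureBootEnabled) { 'Secure Boot off: certificate state is irrelevant until it is enabled' }
        elseif ($r.Db_WindowsUefiCA2023 -and $r.Dbx_WindowsPCA2011Revoked) { 'Fully migrated: 2023 CA trusted, 2011 boot-manager CA revoked' }
        elseif ($r.Db_WindowsUefiCA2023) { '2023 CA in db; 2011 boot-manager CA not yet revoked (mitigation not enforced)' }
        elseif ($r.Kek2023Present) { 'KEK updated but 2023 CA not yet in db; check Windows Update and the servicing status' }
        else { 'Not started: firmware trusts only the 2011 CAs; look for an OEM firmware update' }

    [pscustomobject]$r
}

Get-SecureBootCertStatus | Format-List
```

The substring match tells you a CA is present, not which signature-list entry it sits in or whether the firmware applied it cleanly; for an audit, parse the EFI_SIGNATURE_LIST structures or compare against the hashes Microsoft publishes. The KEK check comes first because db and dbx can only be updated by a request signed with a KEK-held key, so a host stuck on the 2011 KEK will never receive the 2023 CA until the OEM ships a PK-signed KEK update.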
Architects' Tech Alliance
Mar 22, 2025 · Information Security

How HaiGuang’s Self‑Developed Security Tech Neutralizes CVE‑2024‑56161 in AMD‑Like CPUs

The article analyzes CVE‑2024‑56161, a microcode verification flaw in AMD Zen CPUs, and explains how Chinese chip maker HaiGuang’s independently designed secure‑boot and key‑management mechanisms effectively block the vulnerability while providing broader native protection against many x86 and ARM bugs.

CPU security · CVE-2024-56161 · HaiGuang
5 min read
IT Services Circle
Jul 13, 2023 · Information Security

Manual Mitigation Steps for BlackLotus UEFI Bootkit (CVE‑2023‑24932) and Microsoft’s Three‑Phase Update Strategy

This article explains the BlackLotus UEFI bootkit (CVE‑2023‑24932), outlines Microsoft's three‑phase remediation strategy, details the KB5025885 and KB5028166/KB5028185 updates, provides a simplified registry command for manual activation, and warns of compatibility issues for legacy boot managers.

Bootkit · CVE-2023-24932 · Secure Boot
6 min read
Architects' Tech Alliance
Apr 6, 2023 · Information Security

Key Chip‑Level Security Technologies for the Internet of Things

The article explains the security challenges of IoT deployments and describes chip‑level protection methods such as TPM, Secure Boot, Trusted Execution Environments, and hardware‑based trusted computing mechanisms like ARM TrustZone, Intel TXT, and AMD PSP, highlighting their roles in building a trustworthy IoT architecture.

IoT Security · Secure Boot · TPM
10 min read
OPPO Kernel Craftsman
Sep 16, 2022 · Information Security

Overview of TrustZone‑Based SoC Components and CryptoCell Architecture

The article outlines ARM TrustZone‑enabled SoC components and the CryptoCell architecture, describing its two product families (700 and 300), hardware modules for symmetric and asymmetric cryptography, secure key slots, the CRYS software library, and their roles in secure‑boot, lifecycle management, debugging and data protection.

Arm · CryptoCell · Secure Boot
8 min read
OPPO Amber Lab
Feb 19, 2021 · Information Security

How DICE Secures IoT Devices: From Unique IDs to Fast Boot

The article explains the DICE (Device Identifier Composition Engine) standard introduced by the Trusted Computing Group, detailing its terminology, the layered derivation of the Compound Device Identifier (CDI) from a unique device secret and the measurement of each boot stage, key generation, certificate issuance, and how it enables device identification, secure boot, rapid startup, data protection and OTA firmware updates for IoT and mobile devices.

DICE · Device identity · Firmware update
11 min read
Architects' Tech Alliance
May 16, 2020 · Information Security

Understanding Secure Boot, Trusted Boot, Intel SGX, and ARM TrustZone

This article explains the concepts of secure boot and trusted boot, discusses their limitations on general-purpose devices, and compares the application workflows and security properties of Intel SGX and ARM TrustZone, highlighting practical usage scenarios such as DRM-protected media.

Intel SGX · Secure Boot · arm trustzone
10 min read
Open Source Linux
Mar 8, 2020 · Fundamentals

Why UEFI Is Replacing BIOS: Speed, Security, and Flexibility Explained

This article explains how UEFI, the Unified Extensible Firmware Interface, supersedes traditional BIOS by offering faster boot times, enhanced security through separate boot partitions and Secure Boot, graphical interfaces, greater storage capacity, and more flexible boot options for modern computers.

BIOS · Firmware · GPT
6 min read