Skip to main content
Start a Conversation

Solved!

Go to Solution

ky331

3 Apprentice

 • 

15.4K Posts

1572

July 26th, 2024 10:43

SecureBoot broken on many popular computers

The following was excerpted from Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica

In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect against a long-looming malware security threat that could infect the BIOS firmware that loaded the operating system each time a computer booted up.  Built into UEFI, Secure Boot used public-key cryptography to block the loading of any code that wasn’t signed with a pre-approved digital signature.

On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022.

See the article (link above) for a list of affected models.

----------------------------------

See also:  PKfail Secure Boot bypass lets attackers install UEFI malware (bleepingcomputer.com)

5 people also have this problem

DELL-Nat M

Community Manager

 • 

3K Posts

October 29th, 2024 12:46

To resolve the issue with SecureBoot, please update the BIOS drivers for the following products:

  1. Alienware Aurora R2 Gaming Desktop: Update to Alienware Aurora R16 System BIOS, version 2.13.0 or later. Download and install: Alienware_Aurora_R16_2.13.0_x64.exe.

  2. Alienware Area 51m R2 Gaming Laptop: Update to Alienware Area-51m R2 System BIOS, version 1.29.0 or later. Download and install: Alienware_Area-51m_R2_1.29.0.exe.

  3. Alienware x15 R1 and x17 R1 Gaming Laptops: Update to Alienware x15 and x17 R1 System BIOS, version 1.24.0 or later. Download and install: Alienware_x15_x17_R1_1.24.0.exe.

  4. Alienware x15 R2 and x17 R2 Gaming Laptops: Update to Alienware x15 and x17 R2 System BIOS, version 1.22.0 or later. Download and install: Alienware_x15_x17_R2_1.22.0.exe.

  5. Alienware x14 Gaming Laptop: Update to Alienware x14 System BIOS, version 1.21.0 or later. Download and install: Alienware_x14_1.21.0.exe.

  6. Alienware m15 R3 and m17 R3 Gaming Laptops: Update to Alienware m15 and m17 R3 System BIOS, version 1.29.0 or later. Download and install: Alienware_m15_R3_m17_R3_1.29.0.exe.

  7. Alienware m15 R4 and m17 R4 Gaming Laptops: Update to Alienware m15 and m17 R4 System BIOS, version 1.24.0 or later. Download and install: Alienware_m15_R4_m17_R4_1.24.0.EXE.

  8. Inspiron 3502 Laptop: Update to Dell Inspiron 3502 System BIOS, version 1.18.0 or later. Download and install: Inspiron_3502_1.18.0.exe.

  9. Inspiron 3510 Laptop: Update to Dell Inspiron 15 3510 System BIOS, version 1.21.0 or later. Download and install: Inspiron_3510_1.21.0.exe.

  10. Inspiron 3521 Laptop: Update to Dell Inspiron 3521 System BIOS, version 1.16.0 or later. Download and install: Inspiron_3521_1.16.0.exe.

  11. Alienware Aurora R13 Gaming Desktop: Update to Alienware Aurora R13 System BIOS, version 1.21.0 or later. Download and install: Alienware_Aurora_R13_1.21.0_x64.exe.

  12. Alienware Aurora Ryzen Edition R14 Gaming Desktop: Update to Alienware Aurora Ryzen Edition System BIOS, version 2.19.0 or later. Download and install: Alienware_Aurora_Ryzen_Edition_R14_2.19.1.exe.

  13. Alienware Aurora R15 AMD Gaming Desktop: Update to Alienware Aurora R15 AMD System BIOS, version 1.15.0 or later. Download and install: Alienware_Aurora_R15_AMD_1.15.0.exe.

  14. Alienware Aurora R15 Gaming Desktop: Update to Alienware Aurora R15 System BIOS, version 1.17.0 or later. Download and install: Alienware_Aurora_R15_1.17.0_x64.exe.

  15. XPS 8950 Desktop: Update to Dell XPS 8950 System BIOS, version 1.21.0 or later. Download and install: XPS_8950_1.21.0_x64.exe.

  16. XPS 8960 Desktop: Update to Dell XPS 8960 System BIOS, version 2.12.0 or later. Download and install: XPS8960_2.12.0_x64.exe.

tikmokf5d6ac

1 Rookie

 • 

2 Posts

July 27th, 2024 02:11

The link only lists the alienwares, here is a "complete" list:

https://github.com/binarly-io/Vulnerability-REsearch/blob/main/PKfail/BRLY-2024-005.md

Dell inspiron-15-3510-laptop 2024-06-13 7fbfd8b03d178e074572dff764f28af98c87c7556ce3837ccb8dfe993efa1940 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell alienware-x17-r2-laptop 2024-06-12 65f5939878deede2e1b24a6412ba025b78f45b1562e9d365d97e1c76a32a1832 -08:c2:d1:c3:6c:9b:51:4f:b3:7c:6a:02:08:12:cd:59
Dell alienware-m17-r4-laptop 2024-06-12 f75b595b9ce5e1e25a5d64e54edffdf696251b4f4e860c0d3a03a183631f090e 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell alienware-x14-r1-laptop 2024-06-12 620848eeadb74a572d6400672aecca35f46dfdc7b5152bb028fbcbf74ea7bccd -08:c2:d1:c3:6c:9b:51:4f:b3:7c:6a:02:08:12:cd:59
Dell alienware-aurora-r15-amd-desktop 2024-06-12 6348442334e85e8374884ea848685771053a7cf274ccb77559c710b5a00f61e9 -08:c2:d1:c3:6c:9b:51:4f:b3:7c:6a:02:08:12:cd:59
Dell alienware-m17-r3-laptop 2024-06-11 413a04c12bde19f1f97d9d334ed57197f0405f9f10ab7154d2b71e5471577c97 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell alienware-area51m-r2-laptop 2024-06-11 253743e7a39d0b709122c5329799f4c4608536eeb632218e7f0cbe1f6e8b5db8 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell alienware-x15-r1-laptop 2024-06-11 4fc54067f263791aed2fa4b57b226ea15c4eb0f55b3797e002bb62aa936bdd8c 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell inspiron-15-3521-laptop 2024-06-11 e2242e4aa3a284fcbbcf2f38a10bec24408f1eff74bb307e699ea46f483359f2 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell alienware-aurora-r11-desktop 2024-06-06 8f79d9de33f5f131226a78ccb10bb16218a5be51b2105cc32e38ceb0c8c30e9a 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell inspiron-15-3502-laptop 2024-06-05 62c02a9b5a4d4328ac41c3e3aa7757e64e6c5cd52b9e047333ad18e60d17fcb6 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell alienware-aurora-r13-desktop 2024-06-05 dc5912033c5ca14475f2d59ca47f25c8840f362f0c8553d13bb06a8e47c42abf 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell xps-8950-desktop 2024-06-05 6982be0bd8e1aed1251fe5300eec2b515b7cab70e761cfb72074f5d658d092d9 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell alienware-aurora-r15-desktop 2024-06-05 7e310dca802db0f7a22d39bb2d7d5b79c7e9df8e5698f0e691942ec334ce5794 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell alienware-aurora-r14-desktop 2024-06-05 26a447a94e96fa8d9c590888cae490750c32d5af95faece3595f21efc41c1f2c -08:c2:d1:c3:6c:9b:51:4f:b3:7c:6a:02:08:12:cd:59
Dell alienware-aurora-r16-desktop 2024-05-09 06a9dffc8fb3edafd1b6377cf38879860a0ae3c87f97258e09d189d291f64ead 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell xps-8960-desktop 2024-05-09 0dcd7494f4926fb04b56e9713f0b62eff3a345b626fa2adaf47636bf0bb4c3eb 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell alienware-m15-r2-laptop 2024-01-30 69da86e9cf24c49496529f3041604a6bb1c0c0ab86c192239d31d3a9b92467cd 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell inspiron-17-3782-laptop 2023-09-12 602a23f43b11817ad5439579969753866a54b836f34dfe19342e5188cf088d85 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell alienware-15-r4 2022-12-08 608e410d1c0475dac58b1e8f36b477aa8d9e9f28d30ec89d44b550e36bbbaf47 55:fb:ef:87:81:23:00:84:47:17:0b:b3:cd:87:3a:f4
Dell inspiron-5680-gaming-desktop 2022-10-31 f1075841f54237735c1135ebf92baeab9c0c3f8b051229f898520f5b0f265353 58:4c:65:6d:d4:0d:8d:ae:48:e5:ec:bb:a9:7f:6f:51
Dell alienware-17-laptop 2022-05-16 d4ed519bd5e5ba2f027d00635494d485f19f3080d8baf6d711b190323294e216 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell alienware-13-laptop 2022-05-16 cb25317443d65ba126174c8b7547c7d2f6c0288f859e2063436eb7b350d9bf62 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell inspiron-3472-desktop 2021-11-09 02877ae1ee43c787fa980d6e897e14546ac193100395bbcc6bc26fdf3077e860 -0b:79:94:48:a7:77:41:b1:16:82:d2:be:16:50:3b
Dell alienware-17-r3 2021-07-30 003130dabf11c8b5df286d9584b3174faa9529cd6149513d13c7ce85d63d97b0 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell alienware-13-r2 2021-07-30 e6819bd24e063807336994f36e1b7cafbbec46c2679a365dde1b54b720a049e4 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell vostro-24-5460-aio 2021-06-09 d54e560849c716d0ded4b25d9aacc746f77174cc6d3eeb3a50424eaf337c92aa 58:4c:65:6d:d4:0d:8d:ae:48:e5:ec:bb:a9:7f:6f:51
Dell inspiron-20-3059-aio 2021-03-03 4b4fd4cc68e48cfbacaf1279ff42ce6e9d37aa7706efffb2a0bb84fbda2aabd2 27:1d:73:f2:2b:76:f7:b2:4d:52:e1:52:e0:40:eb:dd
Dell inspiron-24-5459-aio 2021-03-03 2c6a0bd7b3a91b9e1b309bde7d405812a42abe40001ce661252d81e7cd009650 -62:1d:1a:58:a8:34:f2:62:bf:4e:2b:e5:27:e9:32:1c
Dell inspiron-22-3263-desktop-aio 2021-02-22 13deddbbdccb6e5411317e96bdb045e28c0dcbb7e86ed5f32e5d24b4b54a5657 27:1d:73:f2:2b:76:f7:b2:4d:52:e1:52:e0:40:eb:dd
Dell inspiron-3250-small-desktop 2021-02-17 95446bcddec63d36a9f5554815892c104febb73c676a075d789e4b7c69979fa6 75:15:48:57:1a:c5:49:9d:4b:e3:25:11:e1:7d:41:3a
Dell inspiron-24-3464-aio 2021-02-04 3ffd081959db4684563f0044cca9ac16d5467a42d40913f503bad8d171bf1c99 39:e7:7f:95:d5:9d:74:83:46:0c:b0:06:75:54:ab:f5
Dell inspiron-3662-desktop 2020-12-22 5a02b9214bb7ca03030323835a85efd84d369ff02a6baf9193083e2b22e8d0c3 33:c9:da:4a:88:90:52:a5:4d:da:26:fe:c3:c7:bc:be
Dell alienware-13 2020-09-23 fe9e2b75babda09ba22a3e99494198e125188d9345bda2b961f10e98e6c2b784 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell inspiron-one-23-2330-aio 2020-06-29 374f19a62abe5b7c195038ebc945528046478ba7fac2b7b429edfaa47122e6e6 1a:a9:c7:61:c8:6a:be:88:4d:85:f5:ad:2b:95:3b:f1
Dell alienware-17-r2 2019-10-14 e94ccb36573d53127cfdf1f6d617c31ba8562fbdd4b43e48fe1fd52325315756 -15:fe:0d:04:9b:3b:74:70:bc:6f:1a:d2:96:ed:c4:7b
Dell poweredge-c5230 2019-09-19 52dbddaf0c9803e7f9dd389519b829515abe97dc0fbd9b979230de28880f595d -45:d3:fd:00:33:52:5d:45:b5:36:de:47:4e:15:cc:56
Dell alienware-alpha 2019-06-20 f1d2c02737ba96e93892f38c161b3f35fbca79a4302e439e8405d3434ed88fdb -1b:ed:93:e2:59:4e:2b:60:be:6b:1f:01:c9:af:a6:37
Dell inspiron-15-5552-laptop 2018-10-26 73e72a45f92daa7ef76dcf82e6d13113cd9acbd2250d78d2e02232535f83fbc5 -1b:ed:93:e2:59:4e:2b:60:be:6b:1f:01:c9:af:a6:37
Dell inspiron-3646-small-desktop 2018-03-17 081c82a0748297ca5841b1772330fb6e776c678d425789a66e3072fb73d072d7 45:18:b4:22:4e:57:12:8b:44:18:25:a1:f4:5e:81:1d
Dell inspiron-24-3455-aio 2018-03-06 2fd0f72190810fa5c4a2a3f57a7bce51dd0baa47584b59b7cba4752a92c66ee5 -3e:e5:01:34:bd:a5:df:51:bf:6e:a5:6f:2a:78:08:8f
Dell vostro-20-3052-aio 2018-03-05 c4574a6a5e1e6b4f3b4a3317b51d75c3764395775f900b9ede99dca5e76849f2 -08:d7:1a:d0:15:1f:f5:41:bb:20:e7:ee:55:21:99:6d
Dell vostro-3252-small-desktop 2018-02-26 9cc04e65928cf4852d0ae16d55808b42542387ae389ebbd3e42f888638909932 -52:0b:5c:21:69:a2:5a:64:bb:ab:f5:d8:ef:5a:7c:ce
Dell inspiron-3655-desktop 2017-10-24 31a7af2885146a94a82ce214a26e4dcdcfa36969aa47a7a1eaf3725fa6a2198d 18:ab:83:60:14:84:6e:84:47:d4:bc:ea:92:44:4b:d2
Dell inspiron-22-3265-desktop-aio 2017-06-29 7c0c8fab8b15d6de59936a3921f85d9e79f710c6c6db6459804b679d82760e26 -07:9f:37:c3:37:51:bf:5c:b3:3b:53:73:92:24:e6:c6
Dell inspiron-17-5755-laptop 2016-09-02 19967c4eebd851b31936c8cab20f86008c7f065cf93217f6cc82350521cc640f -1b:ed:93:e2:59:4e:2b:60:be:6b:1f:01:c9:af:a6:37
Dell inspiron-3656-desktop 2016-07-29 a0e12007dd08b6d9a22fcc6548d0562ea3a966b2030ea9d00c739971e02b6c9a -4f:95:81:2e:a5:05:62:67:b4:46:66:d1:f7:5c:22:9d
Dell vostro-20-3015-aio 2015-04-08 05b03dab647098c957cadd2a66ebb1401dc5dae51f267351c0d076c239d5856b 45:18:b4:22:4e:57:12:8b:44:18:25:a1:f4:5e:81:1d

DellManYesIAm

1 Rookie

 • 

8 Posts

July 30th, 2024 11:40

@tikmokf5d6ac​ My Inspiron was not listed on that list although running the compromised key detection script returns TRUE (System using Compromised Keys).

Binarly has added their research to a Git Hub page with a Powershell Script to test for the affected Keys on Windows or Linux.

That page is:

https://github.com/binarly-io/Vulnerability-REsearch/blob/main/PKfail/BRLY-2024-005.md

(edited)

RoHe

10 Elder

 • 

45.2K Posts

July 30th, 2024 19:44

Just keep in mind that script is only looking for certain specific keys.

Systems may have a key that tests false using the script but have a "valid" key that was stolen from the online database with its 4-digit password.  So there are at least two separate ways a PC could be compromised.

tom_mai78101

1 Rookie

 • 

10 Posts

July 30th, 2024 23:10

My laptop, Alienware 15 R4, is on that list. I'm out of warranty, and I'm on Windows 11, which is currently unsupported by Dell.

I don't know what to do about it.

RoHe

10 Elder

 • 

45.2K Posts

July 31st, 2024 01:24

@tom_mai78101 - Just sit tight. 

You don't have to be in warranty to download/install a BIOS update for free.

Check the drivers/download page for your PC model on the Support site regularly to see if there's a new System BIOS update which may deal with the issue.

DELL-Nat M

Community Manager

 • 

3K Posts

August 12th, 2024 12:57

Dell Technologies is aware of the Pkfail vulnerability reported by Binarly that may affect a small number of consumer PCs. BIOS updates for potentially impacted devices are in progress.

View More

View All

No Events found!

Top