A now-patched UEFI Secure Boot vulnerability (CVE-2024-7344, CVSS 6.7) allowed attackers to bypass Secure Boot protections and execute unsigned code during boot, enabling persistent and covert malware deployment. The flaw stemmed from a custom PE loader used by UEFI applications from multiple vendors: the loader bypassed the standard UEFI functions and loaded unsigned binaries. Exploitation required elevated privileges, but a successful attack could evade detection and survive OS reinstalls. Discovered by ESET, the vulnerability affected several recovery tools and was disclosed in June 2024; vendors issued fixes, and Microsoft revoked the vulnerable binaries in January 2025. The case highlights the ongoing risks of third-party UEFI software and the need for stricter Secure Boot measures.
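
Revocations of this kind reach a machine through the Secure Boot forbidden-signature database (dbx), so a defender can confirm the fix by checking that the digest of a vulnerable binary is present there. The following is an added example, not code from this page, ESET or Microsoft: it parses the `EFI_SIGNATURE_LIST` layout from the UEFI specification, the function names are hypothetical, and the digests are constructed placeholders, not the real revoked hashes for this CVE.

```python
import hashlib
import struct
import uuid

# Signature type GUIDs from the UEFI specification.
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509 = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
HEADER = 28  # SignatureType GUID (16 bytes) + three little-endian UINT32 sizes


def revoked_sha256(dbx):
    """Walk concatenated EFI_SIGNATURE_LISTs and return their SHA-256 entries as hex."""
    found, off = set(), 0
    while off < len(dbx):
        if len(dbx) - off < HEADER:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=dbx[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", dbx, off + 16)
        # Reject sizes that would loop forever, overrun the buffer or split an entry.
        if (list_size < HEADER + hdr_size or off + list_size > len(dbx)
                or sig_size < 16 or (list_size - HEADER - hdr_size) % sig_size):
            raise ValueError("malformed EFI_SIGNATURE_LIST at offset %d" % off)
        body = dbx[off + HEADER + hdr_size:off + list_size]
        if sig_type == EFI_CERT_SHA256 and sig_size == 48:
            for i in range(0, len(body), sig_size):
                found.add(body[i + 16:i + 48].hex())  # skip the 16-byte SignatureOwner
        off += list_size
    return found


def is_revoked(dbx, digest_hex):
    """True if the given SHA-256 digest (hex) appears in the dbx contents."""
    return digest_hex.lower() in revoked_sha256(dbx)


def signature_list(sig_type, entries):
    """Build one EFI_SIGNATURE_LIST with a zero owner GUID (constructed test data)."""
    body = b"".join(bytes(16) + e for e in entries)
    sizes = struct.pack("<III", HEADER + len(body), 0, 16 + len(entries[0]))
    return sig_type.bytes_le + sizes + body


# Constructed sample dbx: one certificate list to skip, one SHA-256 list to search.
REVOKED = hashlib.sha256(b"constructed vulnerable loader").digest()
OTHER = hashlib.sha256(b"constructed unrelated entry").digest()
SAMPLE_DBX = (signature_list(EFI_CERT_X509, [b"\x30\x82" + bytes(40)])
              + signature_list(EFI_CERT_SHA256, [OTHER, REVOKED]))

if __name__ == "__main__":
    print("revoked:", is_revoked(SAMPLE_DBX, REVOKED.hex()))
```

On Linux the dbx variable read from efivarfs carries a 4-byte attribute prefix that must be stripped before parsing. The digest to look up is the Authenticode hash of the PE image, which is not the same as a plain SHA-256 of the file.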