0

This question is related but only partialy answers my question.

I know firmware (most notably UEFI firmware) rootkits or bootkits are rare and possiblity to introduce one into system is very low, but in practice if such thing happens:

  1. to be infected by firmware rootkit without knowing it, is impossible with secure boot enabled?
  2. does secure boot protects against GPT bootkits (if such malware even exist as oposed to well known MBR bootkits)?
  3. is there known scenario that could bypass secure boot when speaking about bootkits and rootkits?

1 Answers1

0

It does indeed protect against GPT bootkits, and that's exactly what its job is. It doesn't protect against rootkits in the UEFI firmware itself though, as it's that very firmware that's responsible for enforcing Secure Boot.