PKFail
All PKFail Resources
|
Press
Sep 19, 2024
Secure Boot-Neutering PKfail Debacle Is More Prevalent Than Anyone Knew
Ars Technica reports on the previously underestimated scope of PKfail.
PKFail
Press
Sep 19, 2024
PKfail Secure Boot Disaster Just Went From Bad To Worse
PCWorld reports on the expanding scope of the PKfail vulnerability.
PKFail
Press
Sep 16, 2024
Significant PKfail Vulnerability Continues to be Prevalent
Continued press coverage of PKfail vulnerability prevalence.
PKFail
Press
Sep 16, 2024
PKfail Secure Boot Bypass Remains a Significant Risk Two Months Later
Press coverage of PKfail vulnerability persistence two months after disclosure.
PKFail
News
Sep 16, 2024
Binarly to Unveil New Findings on Critical PKfail Issue at LABScon 2024
Binarly will present significant new insights into the critical PKfail vulnerability at this week's LABScon 2024 conference. The research will be presented by Binarly founder and CEO Alex Matrosov, alongside vulnerability research lead, Fabio Pagani.
PKFail
Blog
Sep 16, 2024
PKfail Two Months Later: Reflecting on the Impact
In this blog, we dive deeper into newly discovered data points gathered from our free detection service pk.fail and major vendor acknowledgements and developments since the initial disclosure of PKfail in July.
PKFail
Press
Jul 26, 2024
Secure Boot Is Completely Broken on 200+ Models From 5 Big Device Makers
Ars Technica coverage of PKfail affecting hundreds of device models.
PKFail
Report
Jul 25, 2024
PKfail Disclosure Report
This report provides technical details on the PKfail vulnerability, its widespread impact spanning over a decade, detection methods, and recommendations for affected users to update firmware or re-key their systems.
PKFail
Blog
Jul 25, 2024
PKfail: Untrusted Platform Keys Undermine Secure Boot on UEFI Ecosystem
PKfail is a zero day disclosure detected by the Binarly REsearch Team. PKfail is a firmware supply-chain issue affecting hundreds of device models in the UEFI ecosystem. The problem arises from the Secure Boot "master key," known as the Platform Key (PK) in UEFI terminology, which is untrusted because it is generated by Independent BIOS Vendors (IBVs) and shared among different vendors.
PKFail
Jul 24, 2024
Critical Disclosure: PKfail - Undermine UEFI Secure Boot
PKFail
Jul 18, 2024
Proof of Concept for PKfail
PKFail
Jul 18, 2024
Proof of Concept for PKfail (Linux version)
PKFail
Tool
Jul 1, 2024
PKfail Free Scanner
Upload a binary and see if you're impacted by PKfail.
PKFail
Ship and buy software you can prove is safe.
Schedule a live demo to see how Binarly validates SBOM/CBOM, surfaces risks, and charts a measurable path to post-quantum readiness