Ars Technica is reporting that the industry coalition security keys Secure boot are completely broken on 200+ models from 5 big device makers, despite keys being labeled DO NOT TRUST.
For those who want full context on the Secure Boot issue, Ars Technica has a comprehensive article.
Ars Technica shares the following self test and a list of affected devices below:
People who want to know if their Windows device uses one of the test platform keys can run the following powershell command:
> [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI
PK).bytes) -match "DO NOT TRUST|DO NOT SHIP"
True
Linux users can detect one of the test certificates by displaying the content of the PK variable:
$ efi-readvar -v PK
Variable PK, length 862
PK: List 0, type X509
Signature 0, size 834, owner 26dc4851-195f-4ae1-9a19-
fbf883bbb35e
Subject:
CN=DO NOT TRUST - AMI Test PK
Issuer:
CN=DO NOT TRUST - AMI Test PK
If your device is on this list of affected devices go to Ars Technica for the full Binarly-supplied specs containing firmware SHA256 and certification serial numbers.
VENDOR | MODEL | RELEASE DATE |
Acer | c24-1655 | 2022-05-18 |
Acer | aspire c22-1600 | 2022-01-17 |
Acer | c24-962 | 2020-12-08 |
Acer | altos r680 f4 | 2019-07-17 |
Acer | altos r680s f4 | 2019-07-17 |
Aopen | iKBLMUx-DER(Volta Charging) | 2022-04-27 |
Dell | xps-8950-desktop | 2024-07-04 |
Dell | alienware-aurora-r13-desktop | 2024-07-04 |
Dell | alienware-x15-r1-laptop | 2024-07-04 |
Dell | alienware-m17-r3-laptop | 2024-07-04 |
Dell | alienware-area51m-r2-laptop | 2024-07-04 |
Dell | alienware-aurora-r15-desktop | 2024-07-04 |
Dell | alienware-aurora-r16-desktop | 2024-07-03 |
Dell | xps-8960-desktop | 2024-07-01 |
Dell | alienware-m17-r4-laptop | 2024-06-12 |
Dell | alienware-aurora-r11-desktop | 2024-06-06 |
Dell | alienware-m15-r2-laptop | 2024-01-30 |
Dell | alienware-15-r4 | 2022-12-08 |
Formelife | Studio Sys UPD | 2021-02-08 |
Gigabyte | E162-220 | 2024-06-20 |
Gigabyte | G262-IR0 | 2024-06-20 |
Gigabyte | G292-280 | 2024-06-20 |
Gigabyte | G492-ID0 (rev. 100) | 2024-06-20 |
Gigabyte | H252-3C0 (rev. 100) | 2024-06-20 |
Gigabyte | H262-PC0 (rev. 100) | 2024-06-20 |
Gigabyte | H262-PC1 (rev. 100) | 2024-06-20 |
Gigabyte | H262-PC2 | 2024-06-20 |
Gigabyte | MD72-HB0 (rev. 1.x/2.0) | 2024-06-20 |
Gigabyte | MD72-HB1 (rev. 1.x) | 2024-06-20 |
Gigabyte | MD72-HB2 (rev. 1.x) | 2024-06-20 |
Gigabyte | MD72-HB3 (rev. 1.x) | 2024-06-20 |
Gigabyte | MU72-SU0 (rev. 1.x/2.x) | 2024-06-20 |
Gigabyte | MU92-TU0 (rev. 1.x) | 2024-06-20 |
Gigabyte | MU92-TU1 (rev. 1.x/2.x) | 2024-06-20 |
Gigabyte | R182-34A | 2024-06-20 |
Gigabyte | R182-NA0 | 2024-06-20 |
Gigabyte | R182-NC0 | 2024-06-20 |
Gigabyte | R282-G30 | 2024-06-20 |
Gigabyte | E152-ZE1 (rev. A00) | 2024-06-18 |
Gigabyte | G152-Z12 | 2024-06-18 |
Gigabyte | G242-Z11 | 2024-06-18 |
Gigabyte | G242-Z12 | 2024-06-18 |
Gigabyte | G262-ZR0 | 2024-06-18 |
Gigabyte | G292-Z20 (rev. A00) | 2024-06-18 |
Gigabyte | G292-Z43 | 2024-06-18 |
Gigabyte | G292-Z45 | 2024-06-18 |
Gigabyte | G482-Z50 | 2024-06-18 |
Gigabyte | G492-Z52 | 2024-06-18 |
Gigabyte | H252-Z12 (rev. A02) | 2024-06-18 |
Gigabyte | H262-Z61 | 2024-06-18 |
Gigabyte | H262-Z6B | 2024-06-18 |
Gigabyte | H282-ZC0 (rev. A00) | 2024-06-18 |
Gigabyte | MZ32-AR0 (rev. 3.x) | 2024-06-18 |
Gigabyte | MZ72-HB0 (rev. 3.x/4.x) | 2024-06-18 |
Gigabyte | MZ72-HB2 (rev. 3.x) | 2024-06-18 |
Gigabyte | R162-Z10 | 2024-06-18 |
Gigabyte | R162-ZA2 | 2024-06-18 |
Gigabyte | R182-Z90 (rev. A00/B00/AT0) | 2024-06-18 |
Gigabyte | R262-ZA2 | 2024-06-18 |
Gigabyte | R282-Z97 (rev. A00) | 2024-06-18 |
Gigabyte | S252-ZC0 | 2024-06-18 |
Gigabyte | G191-H44 | 2024-05-27 |
Gigabyte | G241-G40 (rev. 100) | 2024-05-27 |
Gigabyte | G291-2G0 (rev. 100) | 2024-05-27 |
Gigabyte | G591-HS0 | 2024-05-27 |
Gigabyte | H231-G20 (rev. 100/A00) | 2024-05-27 |
Gigabyte | H261-H61 (rev. 100) | 2024-05-27 |
Gigabyte | H261-NO0 | 2024-05-27 |
Gigabyte | H281-PE0 | 2024-05-27 |
Gigabyte | MD61-SC2 (rev. 1.x) | 2024-05-27 |
Gigabyte | MD71-HB0 (rev. 1.x) | 2024-05-27 |
Gigabyte | MD71-HB1 (rev. 1.x) | 2024-05-27 |
Gigabyte | MU71-SU0 (rev. 1.x) | 2024-05-27 |
Gigabyte | R161-340 (rev. 100/200) | 2024-05-27 |
Gigabyte | R281-3C1 | 2024-05-27 |
Gigabyte | R281-3C2 | 2024-05-27 |
Gigabyte | T181-G20 (rev. 1.0) | 2024-05-27 |
Gigabyte | E251-U70 (rev. 100) | 2024-03-20 |
Gigabyte | R162-ZA1 | 2024-03-06 |
Gigabyte | G242-Z10 | 2024-02-27 |
Gigabyte | MC62-G41 (rev. 1.0) | 2024-02-26 |
Gigabyte | MX33-BS0 (rev. 1.x) | 2024-02-21 |
Gigabyte | MD72-HB2 (rev. 1.x/2.x) | 2024-01-12 |
Gigabyte | G482-Z54 | 2023-12-21 |
Gigabyte | R271-Z00 (rev. B00) | 2023-09-22 |
Gigabyte | E152-ZE0 | 2023-08-18 |
Gigabyte | R282-Z93 (rev. A00) | 2023-08-18 |
Gigabyte | R162-ZA0 (rev. A00) | 2023-08-17 |
Gigabyte | G262-ZO0 | 2023-08-16 |
Gigabyte | H262-Z6A | 2023-08-16 |
Gigabyte | MZ72-HB0 (rev. 3.0/4.0) | 2023-08-16 |
Gigabyte | MZ72-HB2 (rev. 3.0) | 2023-08-16 |
Gigabyte | G152-Z12 (rev. 200) | 2023-08-14 |
Gigabyte | G292-Z40 | 2023-08-14 |
Gigabyte | H242-Z10 (rev. A00) | 2023-08-14 |
Gigabyte | R152-Z30 | 2023-08-14 |
Gigabyte | G262-IR0 (rev. 100) | 2023-06-16 |
Gigabyte | G292-280 (rev. 100) | 2023-06-16 |
Gigabyte | G492-H80 | 2023-06-16 |
Gigabyte | H262-NO0 | 2023-06-16 |
Gigabyte | H262-NO1 | 2023-06-16 |
Gigabyte | R182-340 (rev. 100) | 2023-06-16 |
Gigabyte | G291-280 | 2023-06-15 |
Gigabyte | G481-H80 (rev. 100) | 2023-06-15 |
Gigabyte | H231-H60 (rev. 100/A00) | 2023-06-15 |
Gigabyte | R181-2A0 (rev. 100) | 2023-06-15 |
Gigabyte | S251-3O0 (rev. 100) | 2023-06-15 |
Gigabyte | S451-3R0 | 2023-06-15 |
Gigabyte | WRX80-SU8-IPMI (rev. 1.0) | 2023-06-08 |
Gigabyte | R292-4S0 | 2023-06-06 |
Gigabyte | R161-R12 | 2023-02-24 |
Gigabyte | TO23-H60 | 2022-10-24 |
Gigabyte | GB-BRR7-4700 | 2022-09-16 |
Gigabyte | GB-BRR7-4800 | 2022-09-16 |
Gigabyte | GB-BRR3-4300 (rev. 1.0) | 2022-09-13 |
Gigabyte | GB-BRR5-4500 (rev. 1.0) | 2022-09-13 |
Gigabyte | W771-Z00 (rev. 100) | 2022-09-13 |
Gigabyte | MB51-PS0 (rev. 1.0) | 2022-08-05 |
Gigabyte | G492-ZD2 (rev. A00) | 2022-06-21 |
Gigabyte | MW22-SE0 (rev. 1.0) | 2022-06-21 |
Gigabyte | MX32-4L0 (rev. 1.0) | 2022-06-21 |
Gigabyte | MW32-SP0 (rev. 1.0) | 2022-06-20 |
Gigabyte | MX32-BS0 (rev. 1.0) | 2022-06-20 |
Gigabyte | GB-BER3-5300 | 2022-06-16 |
Gigabyte | GB-BER3-5400 | 2022-06-16 |
Gigabyte | GB-BER5-5500 (rev. 1.0) | 2022-06-16 |
Gigabyte | GB-BER5-5600 | 2022-06-16 |
Gigabyte | GB-BER7-5700 | 2022-06-16 |
Gigabyte | GB-BER7-5800 | 2022-06-16 |
Gigabyte | GB-BMCE-4500C | 2022-06-16 |
Gigabyte | GB-BMCE-5105 | 2022-06-16 |
Gigabyte | GB-BMPD-6005 | 2022-06-16 |
Gigabyte | GB-BRi3-10110 (rev. 1.0) | 2022-06-16 |
Gigabyte | GB-BRi7-10510 (rev. 1.0) | 2022-06-16 |
Gigabyte | MF51-ES1 (rev. 1.0) | 2022-06-14 |
Gigabyte | MF51-ES0 (rev. 1.0) | 2022-06-13 |
Gigabyte | MF51-ES2 (rev. 1.0) | 2022-05-24 |
Gigabyte | G492-Z50 (rev. A00) | 2022-04-26 |
Gigabyte | GB-BSRE-1505 (rev. 1.0) | 2022-02-14 |
Gigabyte | GB-BSi3-1115G4 (rev. 1.0) | 2022-02-14 |
Gigabyte | GB-BSi5-1135G7 | 2022-02-14 |
Gigabyte | GB-BSi7-1165G7 | 2022-02-14 |
Gigabyte | G292-Z20 (rev. 100) | 2021-12-21 |
Gigabyte | H261-Z60 | 2021-12-03 |
Gigabyte | MZ71-CE0 (rev. 3.x/4.x) | 2021-12-03 |
Gigabyte | G292-Z40 (rev. 100) | 2021-10-19 |
Gigabyte | G182-C20 | 2021-10-12 |
Gigabyte | R162-ZA0 (rev. 100) | 2021-08-02 |
Gigabyte | MZ72-HB0 (rev. 1.x) | 2021-07-30 |
Gigabyte | G221-Z30 | 2021-07-12 |
Gigabyte | G291-Z20 (rev. A00) | 2021-07-12 |
Gigabyte | MZ71-CE0 (rev. 1.x) | 2021-07-12 |
Gigabyte | R181-Z90 | 2021-07-12 |
Gigabyte | R271-Z00 (rev. A00) | 2021-07-12 |
Gigabyte | T181-Z70 (rev. A00) | 2021-07-12 |
Gigabyte | GB-BRi7-10710 (rev. 1.0) | 2021-07-02 |
Gigabyte | GB-BRi5-10210(E) | 2021-06-29 |
Gigabyte | G492-ZD0 | 2021-06-26 |
Gigabyte | G292-Z46 | 2021-06-17 |
Gigabyte | R282-Z90 (rev. A00) | 2021-06-11 |
Gigabyte | R282-Z96 (rev. 100) | 2021-04-28 |
Gigabyte | G482-Z50 (rev. 100) | 2021-04-26 |
Gigabyte | G492-ZD0 (rev. 100) | 2021-03-05 |
Gigabyte | W281-G40 | 2021-02-18 |
Gigabyte | MW51-HP0 (rev. 1.x) | 2021-01-08 |
Gigabyte | G482-Z53 | 2020-12-24 |
Gigabyte | G482-Z54 (rev. 100) | 2020-12-23 |
Gigabyte | C621 AORUS XTREME (rev. 1.0) | 2020-10-27 |
Gigabyte | MJ11-EC0 (rev. 1.2) | 2020-10-14 |
Gigabyte | G291-Z20 (rev. 100) | 2020-08-24 |
Gigabyte | H261-Z60 (rev. 100) | 2020-08-24 |
Gigabyte | R181-Z90 (rev. 100) | 2020-08-24 |
Gigabyte | H261-T60 (rev. 100) | 2020-08-20 |
Gigabyte | C621-SD8 | 2020-07-30 |
Gigabyte | C621-SU8 (rev. 1.0) | 2020-07-30 |
Gigabyte | GB-BSRE-1605 (rev. 1.0) | 2020-07-29 |
Gigabyte | C621-WD12-IPMI (rev. 1.0) | 2020-07-21 |
Gigabyte | C621-WD12 | 2020-05-06 |
Gigabyte | G292-Z42 (rev. 100) | 2019-12-17 |
Gigabyte | G482-Z51 (rev. 100) | 2019-11-29 |
Gigabyte | W42G-P08R | 2019-09-03 |
Gigabyte | S12-P04R (rev. 1.0) | 2019-06-27 |
Gigabyte | R272-Z30 (rev. 100) | 2019-06-25 |
Gigabyte | R181-T90 (rev. 100) | 2019-06-12 |
Intel | BIOS Update [PNWHL357] | 2023-12-18 |
Intel | BIOS Update [PNWHL57v] | 2023-12-18 |
Intel | Intel Server Board M10JNP2SB – Firmware Update Package – EFI BIOS 7220, BMC 8100.01.12 | 2023-04-03 |
Intel | Intel Server Board M10JNP2SB – Firmware Update Package – EFI BIOS 7219, BMC 8100.01.11 | 2022-12-13 |
Intel | Intel Server Board M10JNP2SB – Firmware Update Package – EFI BIOS 7218, BMC 8100.01.10 | 2022-06-29 |
Intel | Intel Server Board M10JNP2SB – Firmware Update Package – EFI BIOS 7217, BMC 8100.01.10 | 2022-03-24 |
Intel | Intel Server Board M10JNP2SB – Firmware Update Package – EFI BIOS 7216, BMC 8100.01.10 | 2021-06-29 |
Supermicro | AS -4124GQ-TNMI | 2023-08-10 |
Supermicro | MBD-H12DSG-Q-CPU6 | 2023-04-21 |
Supermicro | MBD-H12DGO-6 | 2023-04-18 |
Supermicro | MBD-H12SSW-AN6 | 2023-04-18 |
Supermicro | MBD-H12DSU-iN | 2023-04-13 |
Supermicro | MBD-H12DSi-N6 | 2023-04-13 |
Supermicro | MBD-H12DGQ-NT6 | 2023-03-07 |
Supermicro | MBD-X11QPL | 2020-02-24 |
Supermicro | B11DPT | 2019-09-06 |
Supermicro | X11QPH+ | 2019-08-22 |
Supermicro | X11DPS-RE | 2019-06-11 |
Supermicro | B11QPI | 2019-06-07 |
Supermicro | B11DPE | 2019-05-29 |
Supermicro | X11SCH-F/LN4F | 2019-05-24 |
Supermicro | AOM-X11OPI-LBG-P/MBD-X11OPI-CPU-P | 2019-05-10 |
Supermicro | X11DPG-SN | 2019-05-10 |
Supermicro | X11DGQ | 2019-05-09 |
Supermicro | X11SSE8_308 | 2019-05-09 |
Supermicro | X11DPG-HGX2 | 2019-05-03 |
Supermicro | X11DPI-N(T) | 2019-04-26 |
Supermicro | X11DPi-N(T) | 2019-04-01 |
Supermicro | X11OPi | 2019-03-08 |
Supermicro | C7Z270L8_222 | 2019-02-26 |
Supermicro | B11QPI-T | 2019-02-22 |