Linux Nightmare: Critical Flaw Opens Door to Sneaky Bootkits!

This is not good news for Linux.

If I understand this right, code is added to the boot process which can compromise your system.

Over at Ars Technica Dan Goodin writes

The vulnerability resides in shim, which in the context of Linux is a small component that runs in the firmware early in the boot process before the operating system has started. More specifically, the shim accompanying virtually all Linux distributions plays a crucial role in secure boot, a protection built into most modern computing devices to ensure every link in the boot process comes from a verified, trusted supplier. Successful exploitation of the vulnerability allows attackers to neutralize this mechanism by executing malicious firmware at the earliest stages of the boot process before the Unified Extensible Firmware Interface firmware has loaded and handed off control to the operating system.

One of the biggest challenges for admins is to keep their system secure and this one seems more involved that just updating some files.