Microsoft Harnesses AI to Uncover Vulnerabilities in GRUB2, U-Boot, and Barebox Bootloaders
2025-04-02
Author: 小编 (site editor)

Microsoft, using its AI-driven tool Security Copilot, has uncovered a total of 20 previously unknown vulnerabilities in three key open-source bootloaders: GRUB2, U-Boot, and Barebox. GRUB2, the default bootloader for most Linux distributions including Ubuntu, was found to contain 11 vulnerabilities, mostly integer overflows and buffer overflows in its filesystem parsers, along with potential side-channel weaknesses in cryptographic comparison functions. U-Boot and Barebox, which are widely used in embedded systems and IoT devices, were found to have 9 vulnerabilities between them, chiefly buffer overflows in filesystem parsing code such as the SquashFS parser.

Microsoft warns that these vulnerabilities could be exploited by attackers to bypass security measures, implant malware, and take complete control of affected devices. Updates and patches have been issued for the affected projects, and users are strongly advised to upgrade promptly. Security Copilot not only identified these vulnerabilities quickly but also offered remediation advice, significantly shortening the time it took the open-source projects to release patches.
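The two bug classes named above, an overflowing bounds check in a filesystem parser and a timing-variable cryptographic comparison, are easy to recognise once seen side by side with their hardened forms. The following C is an added illustration written for this page, not code from GRUB2, U-Boot, Barebox or Microsoft's report; `IMAGE_SIZE`, the function names and the sample digests are hypothetical, and `examined` stands in for the byte count a timing side channel would reveal.

```c
#include <stddef.h>
#include <stdint.h>

#define IMAGE_SIZE 64u  /* size of the in-memory filesystem image (hypothetical) */

/* Vulnerable bounds check of the kind found in filesystem parsers: a record
 * header read from a crafted disk image supplies offset and len as 32-bit
 * fields. The sum offset + len wraps on overflow, so a huge offset passes
 * the check and the copy that follows runs outside the image buffer. */
int record_in_bounds_unsafe(uint32_t offset, uint32_t len)
{
    return (offset + len) <= IMAGE_SIZE;   /* wraps: 0xFFFFFFF0 + 0x20 == 0x10 */
}

/* Hardened form: reject an oversized len first, then compare offset against
 * the remaining space, so no addition can overflow. */
int record_in_bounds_safe(uint32_t offset, uint32_t len)
{
    if (len > IMAGE_SIZE)
        return 0;
    return offset <= IMAGE_SIZE - len;
}

/* Early-exit comparison, as often used to verify a hash or password digest.
 * It stops at the first mismatch, so execution time reveals how many leading
 * bytes of the candidate were correct. `examined` records that byte count. */
int digest_equal_leaky(const uint8_t *a, const uint8_t *b, size_t n, size_t *examined)
{
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) {
            *examined = i + 1;
            return 0;
        }
    }
    *examined = n;
    return 1;
}

/* Constant-time form: always visits every byte and ORs the differences
 * together, so the number of bytes examined never depends on the data. */
int digest_equal_ct(const uint8_t *a, const uint8_t *b, size_t n, size_t *examined)
{
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    *examined = n;
    return diff == 0;
}
```

The unsafe check accepts offset 0xFFFFFFF0 with length 0x20 because the sum wraps to 0x10, while the safe check rejects it; the leaky comparison stops after the first wrong byte, whereas the constant-time one always walks the full digest.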