December 3, 2023

Microsoft Releases Fix for Secure Boot Bypass Vulnerability That Allowed Threat Actors to Deploy BlackLotus Bootkit (opens in a new tab) Targets endpoints – however, due to the somewhat complex nature of its application, updates will sit idle on computers for months before being actually used.

The original vulnerability was tracked as CVE-2022-21894, which was fixed in early 2023. However, hackers quickly found a way to bypass the patch and are still deploying BlackLotus on Windows 10, Windows 11, and multiple Windows Server editions. As a result, CVE-2023-24932 was resolved earlier this week.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *