Earlier this week, Microsoft launched a patch to repair a Safe Boot bypass bug utilized by the BlackLotus bootkit we reported on in March. The unique vulnerability, CVE-2022-21894, was patched in January, however the brand new patch for CVE-2023-24932 addresses one other actively exploited workaround for methods working Home windows 10 and 11 and Home windows Server variations going again to Home windows Server 2008.
The BlackLotus bootkit is the first-known real-world malware that may bypass Safe Boot protections, permitting for the execution of malicious code earlier than your PC begins loading Home windows and its many safety protections. Safe Boot has been enabled by default for over a decade on most Home windows PCs offered by corporations like Dell, Lenovo, HP, Acer, and others. PCs working Home windows 11 will need to have it enabled to fulfill the software program’s system necessities.
Microsoft says that the vulnerability might be exploited by an attacker with both bodily entry to a system or administrator rights on a system. It could have an effect on bodily PCs and digital machines with Safe Boot enabled.
Learn 7 remaining paragraphs | Feedback