security

Microsoft is working on a mega security patch for some of its most … – TechRadar


Microsoft has released a fix for a Secure Boot bypass vulnerability that allowed threat actors to deploy the BlackLotus bootkit (opens in new tab) to target endpoints – however, the update will be sitting idly on computers for months before it actually gets used, as its application is somewhat complicated.

The original vulnerability is tracked as CVE-2022-21894, and that one was patched in early 2023. However, hackers soon found ways to work around the patch and still deploy BlackLotus on Windows 10, Windows 11, and multiple Windows Server versions. Hence, CVE-2023-24932 was addressed earlier this week. 



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.