Microsoft is working on a mega security fix for some of its top issues

Microsoft has released a patch for a secure boot bypass vulnerability that allowed cybercriminals to deploy the BlackLotus bootkit on targeted endpoints – however, the update will sit idle on computers for months before actually being used as its application is a bit complex.

The original vulnerability is tracked as CVE-2022-21894, and this one was patched in early 2023. However, hackers soon found ways around the fix and continued to deploy BlackLotus on Windows 10, Windows 11, and many versions of Windows Server. As such, CVE-2023-24932 was discussed earlier this week.

Leave a Reply

Your email address will not be published. Required fields are marked *