![]() Moreover, a proof-of-concept for the vulnerability has been publicly available since August 2022.Īccording to ESET malware analyst Martin Smolár, the flaw can still be exploited because the signed binaries have not been added to the UEFI revocation list. Microsoft patched the security flaw in January last year. It exploits a year-old CVE-2022-21894 vulnerability to bypass the secure boot process on Windows systems. ![]() Kaspersky first discovered the BlackLotus bootkit back in October 2022. Almost all modern hardware with UEFI firmware supports this feature, which ensures that Windows PCs will only boot with trusted programs from the Original Equipment Manufacturer (OEM). Secure Boot is a security feature that prevents unauthorized software (malware) from running on Windows machines. ![]() The research warned that the BlackLotus flaw can now bypass Secure Boot even on fully updated Windows 11 PCs. ![]() The security researchers at ESET issued a security advisory about the BlackLotus vulnerability this week. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |