Microsoft has released a fix for a Secure Boot bypass vulnerability that allowed threat actors to deploy the BlackLotus bootkit (opens in new tab) to target endpoints – however, the update will be sitting idly on computers for months before it actually gets used, as its application is somewhat complicated.The original vulnerability is tracked as CVE-2022-21894, and that one was patched in early 2023. However, hackers soon found ways to work around the patch and still deploy BlackLotus on Windows 10, Windows 11, and multiple Windows Server versions. Hence, CVE-2023-24932 was addressed earlier this week. But in order to fully address the issue, Microsoft needs to make irreversible changes to the Windows boot manager. Consequently, the fix will render current Windows boot media unbootable.
“The Secure Boot feature precisely controls the boot media that is allowed to load when an operating system is initiated, and if this fix is not properly enabled there is a potential to cause disruption and prevent a system from starting up,” Microsoft said in an update (opens in new tab). In other words, not being careful with how the fix is applied could brick the device that installs it. To make matters even more complicated, the device with the fix won’t be able to boot from older, unpatched bootable media. That includes system backups, network boot drives, Windows installation DVDs and USBs created from ISO files, and more.Obviously, Microsoft doesn’t want to brick people’s computers, so the update will be rolled out in phases, over the next couple of months. There will be multiple versions of the patch, each somewhat easier to enable. Apparently, the third update will enable the fix for everyone, and it should be released in the first quarter of 2024. BlackLotus is the first bootkit that’s known to be used in the wild to bypass Secure Boot protections. Threat actors need either physical access to the device, or an account with system admin privileges.Via: ArsTechnica (opens in new tab)
Microsoft is currently working on a mega security patch to address some of its most important security issues. This patch is anticipated to solve two of the biggest security concerns facing the tech giant, the zero-day vulnerabilities found in SolarWinds Orion and Exchange Server.
The impact of zero-day vulnerabilities can be enormous. When discovered, they often create a sense of urgency for a patch, as attackers could exploit the vulnerabilities before Microsoft is able to produce a patch. By releasing a mega security patch, Microsoft addresses these threats and increases the security of its platform.
Additionally, this patch will address other important vulnerabilities, such as the ones found in Internet Explorer and Microsoft Defender. These vulnerabilities could potentially compromise user data, and it is important that they are addressed to ensure the safety and security of Microsoft’s customers.
Q: What is a zero-day vulnerability?
A: A zero-day vulnerability is a security flaw that is discovered by hackers or researchers before the software manufacturer has been able to produce a patch for it. It enables hackers to exploit the vulnerability before it can be fixed.
Q: What is SolarWinds Orion?
A: SolarWinds Orion is a platform for managing IT environments. The recent security breach exploited vulnerabilities in this software, allowing hackers to gain access to networks, including those of Microsoft.
Q: Why is it important for Microsoft to release a mega security patch?
A: The release of a mega security patch is crucial for Microsoft as it addresses some of the most important security concerns facing the company. It helps to ensure the safety and security of Microsoft’s customers by patching vulnerabilities that could potentially compromise user data.
Q: When is this patch expected to be released?
A: There is currently no official release date for the mega security patch. However, Microsoft has stated that it is a priority and will be released as soon as possible.
- The team of experts at TechListen.com are dedicated to providing you with the best information and insights on the latest and greatest technology. Our experts have extensive knowledge and experience in the tech industry, and are constantly researching and analyzing the newest products and services so you can make informed decisions. We provide detailed reviews and analysis of the latest gadgets and gizmos, as well as the hottest trends in the industry. Our team is committed to helping you stay up-to-date with the ever-changing world of technology, so you can get the most out of your tech investments. With our expertise and dedication to providing the best information, TechListen.com is the premier online destination for all things tech.
- NewsAugust 25, 2023Instacart Unveils $428 Million Profit with Anticipated Slowing Growth Prior to I.P.O.
- ReviewsAugust 23, 2023Reviewing Immortals of Aveum: Do You Believe in Magic?
- NewsAugust 22, 2023Quordle Today: Hints and Answers for Wednesday, August 23, Game #576
- NewsAugust 19, 2023Cruise Decreases Driverless Car Fleet in San Francisco After Crash