BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11
The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infected even fully patched Windows 11 systems. [...]
Windows 11 is Microsoft's desktop operating system, whose updates, security controls, and flaws affect the protection of PCs and their data.
Search across headline titles and summaries.
Background for this topic.
Windows 11 is Microsoft’s desktop operating system for personal computers and organizational endpoints. Its security model can use hardware-backed protections such as TPM 2.0 and Secure Boot, while virtualization-based security (VBS), credential isolation, Microsoft Defender, and Windows Hello help protect the boot process, credentials, and user sessions. These controls depend on compatible hardware, enabled policies, and correctly configured drivers and applications; they are not automatic protection against every attack.
For security teams, Windows 11 is a major vulnerability-management and endpoint-monitoring scope. Monthly updates address flaws that may enable privilege escalation, remote code execution, or security-control bypass, while third-party software, kernel drivers, and misconfigured services add attack surface. Organizations should maintain supported builds, test and deploy patches, verify Secure Boot and VBS posture, protect recovery and administrator credentials, and retain telemetry useful for detecting persistence or lateral movement. Hardware and configuration differences also matter when assessing exposure and forensic evidence.
The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infected even fully patched Windows 11 systems. [...]
Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find.
Microsoft has addressed a Windows 11 22H2 known issue causing some apps not to be installed during Windows provisioning. [...]
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot, making it a potent threat in the cyber landscape
Microsoft says the KB5022913 February 2023 non-security preview release is causing boot issues on Windows 11 22H2 systems due to incompatibility with some third-party UI customization apps. [...]
Microsoft has released the optional February 2023 optional cumulative update for all editions of Windows 11 22H2 with the newly announced Moment 2 features. [...]
Microsoft announced today that it's integrating the new AI-powered Bing Chat into the Windows 11 search box with the latest Windows feature update. [...]
Microsoft has released the Windows 11 22H2 'Moment 2' update, bringing many new and long-awaited features to the operating system. [...]
Microsoft announced today an early preview of Phone Link for iPhone users available to Windows Insiders running the latest Windows 11 builds. [...]
Microsoft has addressed a known issue behind unsupported computers being offered Windows 11 22H2 upgrades and being unable to complete the installation process. [...]