Researchers at Slovak cybersecurity firm ESET have found the first real-world case of Unified Extensible Firmware Interface (UEFI) malware that can take over a computer's boot process even with Secure Boot enabled and running on fully updated versions of Windows 10 and 11.
The UEFI package, dubbed BlackLotus, exploits Baton Drop, a logic flaw affecting all supported versions of Windows, which Microsoft patched last January.
ESET's Jean-Ian Boutin explained, "Even though the vulnerability is old, it is still possible to leverage it to bypass all security measures and compromise the booting process of a system, giving the attacker control over the early phase of the system startup."
The only current measure for preventing a BlackLotus infection is to install all available operating system and application patches, which will compound the installer's difficulties in acquiring administrative privileges.
From Ars Technica
Abstracts Copyright © 2023 SmithBucklin, Washington, D.C., USA