Microsoft is working on a mega security patch for some of its most important issues
Microsoft has released a fix for a secure boot bypass vulnerability that allowed threat actors to deploy the BlackLotus bootkit (opens in new tab) to target endpoints – however, the update will sit idle on computers for months before actually being used as its application is somewhat complicated.
The original vulnerability is tracked as CVE-2022-21894 and will be patched in early 2023. However, hackers soon found ways to bypass the patch and continue to deploy BlackLotus on Windows 10, Windows 11, and multiple Windows Server versions. As such, CVE-2023-24932 was fixed earlier this week.
https://markmeets.com/tech/microsoft-is-working-on-a-mega-security-patch-for-some-of-its-most-crucial-issues/?utm_source=rss&utm_medium=rss&utm_campaign=microsoft-is-working-on-a-mega-security-patch-for-some-of-its-most-crucial-issues Microsoft is working on a mega security patch for some of its most important issues