The US National Security Agency (NSA) is urging system administrators to take extra steps beyond patching to safeguard Windows 10 and 11 machines from the BlackLotus bootkit malware. BlackLotus emerged last fall when it was discovered for sale on the Dark Web for $5,000. It has the notorious distinction of being the first malware in the wild to successfully circumvent Microsoft's Unified Extensible Firmware Interface (UEFI) Secure Boot protections. UEFI is the firmware responsible for the boot-up routine, loading before the operating system kernel and any other software. Although BlackLotus is a software threat and not a firmware threat, it exploits two vulnerabilities in the UEFI Secure Boot function to insert itself into the earliest phase of the software boot process initiated by UEFI: CVE-2022-21894, also known as Baton Drop, with a CVSS score of 4.4, and CVE-2023-24932, with a CVSS score of 6.7. Microsoft patched these vulnerabilities in January 2022 and May 2023, respectively.