Summary Summary Today, Microsoft is releasing CVE-2023-24932, and associated configuration guidance, to address a Secure Boot bypass vulnerability used by the BlackLotus bootkit to exploit CVE-2022-21894. Customers will need to closely follow the configuration guidance to fully protect against this vulnerability.
This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled.
This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled.
Source – Microsoft Security Response Center
All content and images belong to their respected owners, this article is curated for informational purposes only.
