all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Guidance related to Secure Boot Manager changes associated with CVE-2023-24932

Add to bookmarks
May 9, 2023, 7 a.m. |

Microsoft Security Response Center msrc-blog.microsoft.com

Summary Summary Today, Microsoft is releasing CVE-2023-24932, and associated configuration guidance, to address a Secure Boot bypass vulnerability used by the BlackLotus bootkit to exploit CVE-2022-21894. Customers will need to closely follow the configuration guidance to fully protect against this vulnerability.
This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled.

address blacklotus boot bootkit bypass code configuration customers cve cve-2022-21894 cve-2023-24932 exploit guidance manager microsoft protect secure boot vulnerability

Visit resource

More from msrc-blog.microsoft.com / Microsoft Security Response Center

Congratulations to the Top MSRC 2024 Q1 Security Researchers! 1 month, 2 weeks ago | msrc-blog.microsoft.com
check chen customers hard +13
Toward greater transparency: Adopting the CWE standard for Microsoft CVEs 1 month, 3 weeks ago | msrc-blog.microsoft.com
center communities current customers +20
Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team 1 month, 4 weeks ago | msrc-blog.microsoft.com
analysts banking collect curiosity +20
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard 2 months, 3 weeks ago | msrc-blog.microsoft.com
actions actor attack blizzard +24
Faye’s Journey: From Security PM to Diversity Advocate at Microsoft 3 months ago | msrc-blog.microsoft.com
career deployment desktop desktops +9
Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and … 3 months ago | msrc-blog.microsoft.com
award awards bounty bug +16
From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin 3 months ago | msrc-blog.microsoft.com
adventures cybersecurity dream found +7
An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career … 3 months, 1 week ago | msrc-blog.microsoft.com
bruce career college dream +13
New Security Advisory Tab Added to the Microsoft Security Update Guide 3 months, 2 weeks ago | msrc-blog.microsoft.com
advisory customers feedback guide +16

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com