Microsoft Secure Boot Bug | allinfosecnews.com

May 17, 2023, 11:01 a.m. | Bruce Schneier

Schneier on Security www.schneier.com

Microsoft is currently patching a zero-day Secure-Boot bug.

The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Secure Boot has been enabled by default for over a decade on most Windows PCs sold by companies like Dell, Lenovo, HP, Acer, and others. PCs running Windows 11 must have it enabled to meet the software’s system requirements.

Microsoft …

blacklotus boot bootkit bug bypass code default malicious malware microsoft patching pcs secure boot security security protections vulnerabilities windows world zero-day

More from www.schneier.com / Schneier on Security

Friday Squid Blogging: Searching for the Colossal Squid 14 hours ago | www.schneier.com

blog blogging can cruise +7

Long Article on GM Spying on Its Cars’ Drivers 1 day ago | www.schneier.com

article cars companies data +10

The Rise of Large-Language-Model Optimization 2 days ago | www.schneier.com

artificial intelligence coming easy end +12

Dan Solove on Privacy Regulation 3 days ago | www.schneier.com

academic papers article consent dan +6

Microsoft and Security Incentives 4 days ago | www.schneier.com

capabilities companies cyber cybersecurity +16

Using Legitimate GitHub URLs for Malware 4 days, 20 hours ago | www.schneier.com

attack attacker attack vector can +25

Friday Squid Blogging: Squid Trackers 1 week ago | www.schneier.com

article blog blogging can +13

Other Attempts to Take Over Open Source Projects 1 week, 2 days ago | www.schneier.com

action backdoors council discovery +16

Using AI-Generated Legislative Amendments as a Delaying Technique 1 week, 3 days ago | www.schneier.com

adoption a hacker's mind artificial intelligence bill +7

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr

View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut

View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder

View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States

View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom

View on infosec-jobs.com