Security News > 2023 > March > BlackLotus Malware Hijacks Windows Secure Boot Process
Researchers have discovered malware that "Can hijack a computer's boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows."
Dubbed BlackLotus, the malware is what's known as a UEFI bootkit.
As a result, the first publicly known UEFI bootkit bypassing the essential platform security feature-UEFI Secure Boot-is now a reality.
In this blogpost we present the first public analysis of this UEFI bootkit, which is capable of running on even fully-up-to-date Windows 11 systems with UEFI Secure Boot enabled.
It's capable of running on the latest, fully patched Windows 11 systems with UEFI Secure Boot enabled.
It exploits a more than one year old vulnerability to bypass UEFI Secure Boot and set up persistence for the bootkit.
News URL
Related news
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)
- Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS (source)
- Windows MSHTML zero-day used in malware attacks for over a year (source)
- Facebook ads for Windows desktop themes push info-stealing malware (source)
- PKfail Secure Boot bypass lets attackers install UEFI malware (source)