Today's Patch Tuesday fixes a critical vulnerability that is being exploited in the wild:
Microsoft has released security updates to address a Secure Boot zero-day vulnerability exploited by BlackLotus UEFI malware to infect fully patched Windows systems.
Secure Boot is a security feature that blocks bootloaders untrusted by the OEM on computers with Unified Extensible Firmware Interface (UEFI) firmware and a Trusted Platform Module (TPM) chip to prevent rootkits from loading during the startup process.
Unfortunately, the patch process is complicated here. Click through to the article and follow the instructions. Microsoft is working on a simpler method but doesn't expect to have this for two months - and remember there is malware exploiting this today.
Note: in the instructions you will see something about updating the factory media (sometimes called the "Restore disk"). This came with your computer. I wouldn't worry about that today; the big thing is to get the Secure Boot State fix.
Great info. My employer is reporting even more pfishing scams and even a text scam involving paypal. Definitely have to keep up with the security updates.
ReplyDeleteWell, mine says unsupported. Not sure if that means I’m screwed because I can be it by a boot process hack, or if I’m immune because I don’t have the magic boot loader feature.
ReplyDeleteWin 10 Pro Ver 10.0.19045 Build 19045
I keep up with all updates, so I guess I'm as good as I'm going to get.