BlackLotus bootkit can bypass Windows 11 Secure Boot: ESET

A Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus is found to be capable of bypassing an essential platform security feature, UEFI Secure Boot, according to researchers from Slovakia-based cybersecurity firm ESET.

BlackLotus uses an old vulnerability and can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled, the researchers found.

UEFI Secure Boot is a feature of the UEFI firmware, which is a successor to the traditional BIOS (Basic Input/Output System) firmware found on older computers. Secure Boot is designed to ensure that the system boots only with trusted software and firmware. Bootkit on the other hand is a malware that infects the boot process of a computer.

To read this article in full, please click here