Microsoft has blocked Secure Boot mitigations for the BlackLotus (CVE-2023-24932) vulnerability on some PCs. The block affects Windows Server 2012 and 2012 R2 systems due to incompatibilities with TPM
Secure boot RSS
Microsoft shared an updated DC hardening timeline where it has added new guidance and key dates about the deployment phase. This hardening meant to improve the security of the concerned servers.
Microsoft is about to update its UEFI Secure Boot Keys required for certificate management. These keys are from the Windows 8 era and are set to expire soon, just a couple of years from now.
Microsoft has addressed a security vulnerability that can lead to BitLocker Secure Boot bypass on both Windows 10 and 11. Alongside that, the company has also detailed how to resize the WinRE space.
Remember the open source Windows project called "ReactOS"? The dev team has published a new blog post outlining all the major developments that happened this year like improved UEFI boot support.
_medium.jpg)
Microsoft's Secured Core initiative builds all Surface devices with integrated hardware, firmware, and software defenses. This approach gives Microsoft greater control over security updates.
Popular Windows configuration tool NTLite received its latest update. The new version brings an updated Windows Boot Manager, which was recently patched against a BlackLotus Secure Boot flaw.
Microsoft has patched UEFI Secure Boot security vulnerability called BlackLotus with its latest Update Tuesday released earlier today. The fix is available on Windows 10, Windows 11, and Servers.
_medium.jpg)
Microsoft has pushed the KB5012170 security update on Windows 11 and Windows 10 once again. The update, supposed to patch a Secure Boot DBX GRUB vulnerability, has known issues in it.
Microsoft has published some helpful guidance against the BlackLotus UEFI bootkit vulnerability that can bypass Secure Boot, VBS, BitLocker, Windows Defender, and more to infect updated Windows PCs.
_medium.jpg)
An old, persistent "Standard hardware security not supported" bug has come back to haunt Windows 11 users according to multiple reports online. The issue is affecting those who have supported PCs.
BlackLotus, which is a bootkit, has been doing the rounds on the internet since last year. This bootkit is capable of bypassing Secure Boot, disabling BitLocker, Microsoft Defender, and more.
Microsoft recently rolled out Patch Tuesday for the month and it is plagued with issues, which is often the case. VMware has confirmed that it breaks Secure Boot on Server leading to boot failures.
If you are running Windows 11 22H2 on an unsupported system, you could soon receive a "Windows 11 system requirements" not met watermark inside Settings and on the desktop screen itself.
Memory testing utility software Memtest86 Plus has finally received support for Secure Boot, which is a system requirement for Windows 11. This latest version also fixes several other bugs.
MSI motherboards, from both Intel and AMD, have been vulnerable due to a broken Secure Boot firmware setting issue. The bug would allow potentially malicious files to boot into an affected system.
Join us in a jampacked week in a new edition of Microsoft Weekly as we recap all the important stuff from the world of the Redmond tech giant, including the death of Windows 8.1 and a Teams paywall.
A Microsoft employee published a guide today which explains how one can configure a Windows 11 VM. The idea occurred to them when Windows 11's system requirements stopped them in their tracks.
The extended support updates (ESU) on Windows 7 ends today. Interestingly and rather bizarrely, Microsoft enabled native UEFI and Secure Boot. However, the new feature support is not without flaws.
Oracle has finally released a major update for its virtualization software. VirtualBox 7 is now available for download on all supported platforms, and it brings SecureBoot, TPM 2.0 support, and more.
Reference for the Windows 11 requirements like TPM 2.0 and Secure Boot have been found for the first time within Windows 10. Back when these requirements were announced, many were left unamused.
The latest Dev channel release for Windows 11 Insiders, build 25188, was released today. Under the hood, the company has updated the Security Core boot driver which may have enhanced the security.
With Patch Tuesday recently, Microsoft released the KB5012170 update which adds new vulnerable UEFI signatures to the Secure Boot DBX. The newly added signatures are related to the GRUB vulnerability.
_medium.jpg)
Certain Windows PCs with Gigabyte and Asus motherboards have been found to be infected with a new "CosmicStrand" UEFI rootkit. The malware is an evolution of an older rootkit dubbed "Spy Shadow".
Back at CES, Lenovo launched its ThinkPad Z series with Microsoft Pluton powered by Ryzen 6000. However, these new notebooks refuse to run non-Windows OS, like Linux, without firmware tweak.
The Windows 11 22H2 (Sun Valley 2) RTM build 22621 has resurrected an old bug whereupon a system gets a "hardware security not supported" message even on PCs that meet the necessary requirements.
During its Windows 11 Insider Webcast presentation today, a Microsoft employee was spotted running an Intel seventh generation Core processor even though these CPUs are not officially supported.
Microsoft has released a new Windows 11 Release Preview Channel build 22000.651 under KB5012643. The new release brings several fixes and improvements including some related to TPM and Secure Boot.
A new Windows 10 21H2 build has been released to Insiders on the Release Preview channel. The new build, 19044.1679, brings several changes and improvements like a Secure Boot improvement and more.
Rufus 3.18 beta version fixes an ISO to ESP issue. But more importantly, the version brings the "Extended" option that will now help bypass Windows 11 requirements for in-place upgrades too.
After the recent leak of some Windows 11 features, we have today a fresh set of leaks that reveal more features like Taskbar overflow flyout, and a new reminder for users that run unsupported PCs.
Windows 11 requirements can be checked using the PC Health Check app that Microsoft released. However, it seems the app is misidentifying a hyper-threaded Pentium 4 as a CPU officially supported.
After explaining why features like TPM 2.0, VBS, Secure Boot, among other things, are so important for user security on Windows 11, Microsoft also demoed mock hacker attacks on such vulnerable PCs.
According to a report from 3DMark creator UL Benchmarks, Microsoft's VBS feature can incur a noticeable performance hit on Windows 11 PCs. Testing shows varying results between Beta and Dev builds.
_medium.jpg)
A GitHub dev has updated its Universal MediaCreationTool for Windows which now supports Windows 11. Interestingly, the new update skips TPM and system requirements checks on Windows 11.
Microsoft claims that it has plenty of changes under the hood in upcoming Windows 11. It has explained how the next-gen OS has been developed to get the best out of available hardware resources.
Microsoft has provided guidance on how your organization should secure your Windows 365 Cloud PCs, across both Enterprise and Business offerings. However, Trusted Launch is not yet available.
Canonical has announced Ubuntu Core 20. The new release is a stripped back version of Ubuntu 20.04 LTS that's aimed at IoT devices and embedded systems. It includes several new security features.
A newly discovered flaw in Secure Boot affects almost all Linux distros and Windows devices that leverage the UEFI boot tech. If the flow is exploited, attackers can gain full control of the system.
The Tails project has released Tails 4.5. This new version patches two actively exploited zero-day vulnerabilities in the Tor Browser and brings support for booting on Secure Boot-enabled computers.
