The problem is related to the UEFI module signed by the Microsoft Third Party UEFI CA 2011 certificate used on most modern computer.
The vulnerability allows the attacker to introduce malicious code without checking the Ihisaramuffer variable by providing direct memory access to the attacker. This leads to installing the Bootkit Explosions loaded from the EFI section and completely skipping protective equipment at the OS level.
Microsoft released an update as part of the June patch on Tuesday and added vulnerable modules to the list of certificates (DBX).
It should be noted that this update is critical: without it, an aggressive with the reality of the administrator can quietly close the safe boot and provide an outstanding installation of malicious software.
It is recommended that users upload existing windows and product software updates as soon as possible.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
