“BlackLotus Security Flaw in Windows: Microsoft Takes Months to Fix”

Windows security is a responsibility of Microsoft, which works on it at a high pace. Even so, and in specific cases, these take a long time to reach the users of odors. The latest security flaw, BlackLotus will take many months to fix.

Months to Fix a Windows Crash
Despite being clearly and naturally more secure, Windows has important security holes yet to be addressed.  These compromise the protection of users and therefore need to be corrected by Microsoft and quickly, with benefits for all.
The most recently discovered flaw, BlackLotus, will take months to resolve and Microsoft has already taken care of this process.  The necessary steps are defined and some have already been taken.  Even so, there is a work of months ahead of the creator of Windows.

May 9, 2023:  Initial fix for CVE-2023-24932 is released.  In this release, this fix requires the Windows May 9, 2023 security update and additional customer actions to fully implement the protections.
July 11, 2023:  a second version will provide additional upgrade options to simplify the implementation of protections.
First quarter of 2024:  this final release will enable the fix for CVE-2023-24932 by default and enforce bootloader overrides on all Windows devices.


Microsoft wants to deal with BlackLotus
Earlier this week, Microsoft released a patch to fix a Secure Boot bypass bug used by the BlackLotus bootkit.  The original vulnerability, CVE-2022-21894, was patched in January, but the new patch for CVE-2023-24932 addresses another workaround actively exploited in Windows 10 and 11 and versions of Windows Server since Windows Server 2008.
The BlackLotus bootkit is the first known real-world malware to bypass secure boot protections.  Allows malicious code to run before the PC loads Windows and its security protections.  Microsoft says the vulnerability could be exploited by an attacker with physical access to a system or administrator rights on a system.

Windows has this glitch unresolved
Secure Boot has been enabled by default for over a decade on most Windows PCs.  PCs running Windows 11 must have it activated to meet the software's system requirements.
This patch isn't the only recent security flaw to highlight the difficulties of patching secure boot and UEFI vulnerabilities.  MSI had its signing keys stolen in a ransomware attack.  The company has the problem of creating firmware updates signed with the compromised key.