This week, as part of the July 2024 Patch Tuesday, Microsoft has released several important updates for both Windows 10 and Windows 11. These include updates KB5040427, KB4050430, KB5040434, and KB5040448, which target Windows 10, Windows 11 versions 21H2, 22H2, 23H2, and the newest 24H2. These updates aim to resolve many critical issues the operating systems face.
In addition to these updates, Microsoft has surprised users with a particular patch to address one of Windows’ most significant problems. This update adds requirements for installing updates to the Windows Recovery Environment (WinRE). Furthermore, Microsoft has announced that they are implementing a mitigation for the well-known BlackLotus vulnerability, enhancing the security of the operating system.
Microsoft deploys security patch to fix BlackLotus UEFI Secure Boot vulnerability
Last year, a significant UEFI Secure Boot vulnerability, exploited in the wild by the BlackLotus bootkit, was disclosed, posing a serious threat because cybercriminals could take advantage of it. Alarmingly, details of the vulnerability circulated on the Internet before any fix was available, and even the patch that was eventually released did not entirely resolve the issue.
This vulnerability was particularly concerning as it affected the startup process of the operating system. Microsoft has urged companies and organizations to implement the solutions provided in the July 9, 2024, Patch Tuesday update. The previous related patch, released in April, primarily served as an assessment of the issue rather than a comprehensive fix.
To address the BlackLotus vulnerability, Microsoft has shared a series of instructions for companies to follow, focusing on updates to the Windows Recovery Environment:
- Secure Version Number (SVN) Support: A secure version number is added to the boot manager and recorded in the firmware, so that older, vulnerable boot managers can be refused at boot.
- First Mitigation: Applied by administrators or organizations; adds the Windows UEFI CA 2023 signing certificate to the device's Secure Boot trust database and monitors the devices to which it has been added.
- Second Mitigation: Updates the boot manager to one signed by the new certificate, along with recovery media and external boot sources, so they remain bootable after the revocation step.
- Third Mitigation: Revokes the Windows Production CA 2011 certificate, so boot managers signed by it are no longer trusted.
- Fourth Mitigation: Updates the secure version number stored in the firmware.
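The state of the first and third mitigations can be verified on a device without changing anything, by inspecting the Secure Boot trust (db) and revocation (dbx) variables. The following PowerShell is an added example for administrators, not code from the article or from Microsoft's guidance; it assumes a UEFI Windows 10/11 system with the built-in SecureBoot module (Get-SecureBootUEFI and Confirm-SecureBootUEFI) and an elevated prompt. The certificate subject strings it looks for are the actual names embedded in the Microsoft certificates, which are ASCII inside the DER-encoded variables, so a substring match on the raw bytes suffices.

```powershell
# Added example: read-only Secure Boot posture check for the BlackLotus mitigations.
# Assumes an elevated prompt on a UEFI-based Windows 10/11 device.
#Requires -RunAsAdministrator

function Get-SecureBootVariableText {
    param([Parameter(Mandatory)][string]$Name)
    # db and dbx are EFI_SIGNATURE_LIST blobs holding DER certificates and hashes.
    # Certificate subject names are stored as printable ASCII inside the DER, so
    # a substring match over the raw bytes tells us whether a given CA is present.
    $variable = Get-SecureBootUEFI -Name $Name
    return [System.Text.Encoding]::ASCII.GetString($variable.Bytes)
}

function Test-BlackLotusMitigationState {
    # Confirm-SecureBootUEFI throws on legacy BIOS/CSM systems; treat that as "not enabled".
    $secureBootOn = $false
    try { $secureBootOn = [bool](Confirm-SecureBootUEFI) } catch { $secureBootOn = $false }

    $db  = if ($secureBootOn) { Get-SecureBootVariableText -Name 'db'  } else { '' }
    $dbx = if ($secureBootOn) { Get-SecureBootVariableText -Name 'dbx' } else { '' }

    [pscustomobject]@{
        SecureBootEnabled      = $secureBootOn
        # First mitigation: the Windows UEFI CA 2023 must be trusted (present in db).
        UefiCa2023InDb         = [bool]($db -match 'Windows UEFI CA 2023')
        # Third mitigation: the 2011 production CA must be revoked (present in dbx).
        ProductionPca2011InDbx = [bool]($dbx -match 'Microsoft Windows Production PCA 2011')
    }
}

$state = Test-BlackLotusMitigationState
$state | Format-List

if (-not $state.SecureBootEnabled) {
    Write-Warning 'Secure Boot is not enabled; the mitigations only take effect on Secure Boot-enabled devices.'
} elseif (-not $state.UefiCa2023InDb) {
    Write-Warning 'Windows UEFI CA 2023 is not in db yet. Apply the certificate and boot manager steps before the revocation step, or the device may fail to boot.'
} elseif (-not $state.ProductionPca2011InDbx) {
    Write-Warning 'The 2023 CA is trusted but Windows Production PCA 2011 has not been revoked (not in dbx); the revocation step is still pending.'
} else {
    Write-Output 'Trust database and revocation list both reflect the BlackLotus mitigations.'
}
```

Run it from an elevated PowerShell session after each Patch Tuesday rollout to confirm that the certificate and revocation steps have actually landed on a device; it does not check the boot manager signature or the firmware SVN, which require inspecting the EFI system partition and firmware variables respectively.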
These steps are part of Microsoft’s comprehensive instructions to ensure companies effectively address this critical vulnerability. For more detailed information, you can read the full post by our colleagues at Neowin, who have covered the issue extensively.