BlackLotus UEFI bootkit: Myth confirmed
The first in-the-wild UEFI bootkit bypassing UEFI Secure Boot on fully updated UEFI systems is now a reality
Martin Smolár - 1 Mar 2023
https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/
Long article with analysis. Read more there!
Also an article here: https://arstechnica.com/information...ure-boot-enabled-by-unpatchable-windows-flaw/
Yes, this is a bit troubling, and I wonder if behavior blockers could block it from being able to install successfully, because after install it would probably become way too hard to block it from performing suspicious stuff. Windows should really get some type of security layer that works like a hypervisor in order to detect this. I also posted about it over here: https://www.wilderssecurity.com/thr...ndows-devices-since-2012.440991/#post-3135613