Microsoft has released a new PowerShell script to address a critical security vulnerability in Windows operating systems. This script enables users and administrators to update bootable media files to use the Windows UEFI CA 2023 certificate, significantly reducing security threats posed by UEFI bootkits.
Update will be mandatory by the end of the year
BlackLotus, a dangerous UEFI bootkit that can bypass Secure Boot and gain full access to the operating system, is known for disabling security measures such as BitLocker, HVCI, and Microsoft Defender, allowing malware to run undetected.

Microsoft had previously released security patches in March and July 2023 to counter this threat, but these updates were disabled by default and offered as optional. The new PowerShell script simplifies testing and applying these updates.
Microsoft states that the phased implementation will be completed by 2026, and users need to test the new security measures during this period. The company also warned that incorrect configuration of the update could render systems unbootable.
If an error occurs while installing this update, users must first update their boot media to use the “Windows UEFI CA 2023” certificate. Failure to do so could render the system completely inaccessible. Microsoft has announced that it will publish detailed support documentation for this process.
The new PowerShell tool is critical for enterprise system administrators and advanced users. It is recommended that this update be tested and applied as soon as possible, before the end of the year, to prevent threats like BlackLotus. The company stated that it would announce at least six months in advance when this change will become mandatory for users.
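
Before relying on boot media that uses the new certificate, an administrator can check whether a machine's firmware already lists it in the Secure Boot signature database. The following PowerShell is an added example and is not Microsoft's script; the function name `Test-UefiCa2023` is hypothetical, it assumes an elevated session on a UEFI system, and the string match on the db contents is a heuristic, not a full certificate parse.

```powershell
function Test-UefiCa2023 {
    [CmdletBinding()]
    param(
        # Certificate name to look for, as quoted in the article.
        [string]$CertName = 'Windows UEFI CA 2023'
    )

    $result = [ordered]@{
        SecureBootEnabled = $null   # stays $null if the state cannot be read
        CertInDb          = $null   # stays $null if db cannot be read
        Note              = ''
    }

    try {
        # Returns True/False on UEFI systems; throws on legacy BIOS.
        $result.SecureBootEnabled = Confirm-SecureBootUEFI -ErrorAction Stop

        # Read the Secure Boot allowed-signature database (db) variable.
        $db = Get-SecureBootUEFI -Name db -ErrorAction Stop

        # Heuristic: the certificate's subject name is stored as readable
        # text inside the DER-encoded certificate, so search the raw bytes.
        $text = [System.Text.Encoding]::ASCII.GetString($db.Bytes)
        $result.CertInDb = $text.Contains($CertName)

        if (-not $result.CertInDb) {
            $result.Note = "'$CertName' was not found in the firmware db."
        }
    }
    catch [System.PlatformNotSupportedException] {
        $result.Note = 'Firmware is not UEFI or does not support Secure Boot.'
    }
    catch [System.UnauthorizedAccessException] {
        $result.Note = 'Access denied: run from an elevated PowerShell session.'
    }
    catch {
        # Any other failure (for example, the db variable is undefined).
        $result.Note = $_.Exception.Message
    }

    [pscustomobject]$result
}

# Report the state of the local machine.
Test-UefiCa2023
```

A `$null` in either field means the value could not be read, which is different from `False`; the `Note` field says why.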