New mitigations for CVE-2023-24932 (BlackLotus) in the April update, not yet enabled by default
22 avril 2024 à 14:43
The remediation of CVE-2023-24932, discovered in May 2023, is taking longer than Microsoft's initial timeline. This flaw allows attackers to bypass Secure Boot and disable security features like BitLocker. The April 2024 update introduces a new fix that admins should thoroughly test because it has significant ramifications and will be automatically activated in October.