IT Services Circle

Apr 10, 2026 · Information Security

How BlackLotus UEFI Bootkit Bypasses Secure Boot and Microsoft’s Patch Roadmap

The BlackLotus UEFI bootkit (CVE‑2023‑24932) can evade Windows Secure Boot by exploiting legacy certificates, prompting Microsoft to roll out a five‑phase patch series starting May 2023, refresh UEFI firmware, blacklist old boot managers, and introduce visual status indicators as the 2011 certificates expire in 2026.