Microsoft: Latest Patch Tuesdays bring SafeOS Dynamic updates to fix Secure Boot bypass


Earlier today, Microsoft released its Patch Tuesday updates for Windows 10 (KB5028166) and Windows 11(KB5028185). The company, on its health dashboard website, made an accompanying announcement to explain that it has deployed its second phase hardening against the BlackLotus UEFI bootkit security flaw. A guidance post was also published by Microsoft to help users.

The latest update adds the newest SafeOS Dynamic Update packages for WinRE, and brings easier automated deployment of Secure Boot DBX revocation files. The Secure Boot Forbidden Signature Database or Secure Boot DBX from Microsoft is basically a block-list for blacklisted UEFI executables that were found to be dangerous. (Microsoft also revoked several WHQL-signed drivers that were actually malware with the latest Patch Tuesday).

Read more…