Summary:
1. New Downgrade Attack on Windows Updates:
- SafeBreach researchers have discovered a Windows downgrade attack that can bypass secure boot processes, similar to last year's BlackLotus UEFI bootkit.
2. Exploiting the Update Process:
- Researcher Alon Leviev found a way to control Windows updates, allowing manipulation of update contents, registry keys, and installers, all while bypassing integrity verifications.
3. Broad Impact on Windows Security:
- The vulnerability also compromises the Windows virtualization stack, including virtualization-based security features meant to isolate the kernel, posing a severe security threat.
Read more at: The Register