Microsoft has issued patches for a critical flaw that could allow attackers to control Windows PCs through bootkit malware. The vulnerability, CVE-2025-3052, exploits Microsoft’s Secure Boot feature and allows an attacker to run unsigned code during the boot process.
Bootkit malware is a serious threat, as it can bypass security protection, evade detection, and access confidential information. The flaw lets attackers bypass Secure Boot by signing vulnerable UEFI applications with Microsoft’s third-party certificates.
To protect your PC, update to Windows 10 or 11, go to Settings > Windows Update, download the latest updates, and reboot. This patch fixes a number of other weaknesses, including two additional Secure Boot flaws and a zero-day vulnerability.
Microsoft has not yet seen exploitation of this flaw in the wild, but it is essential to apply the patches as soon as possible. Don’t let your PC become an easy target for attackers – install these updates now and secure your system.
Source: https://www.zdnet.com/article/patch-your-windows-pc-now-before-bootkit-malware-takes-it-over-heres-how