Uitgelicht UEFI firmware as target A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. UEFI firmware is considered more secure as it includes Secure Boot, which is supported by all modern operating systems, including Windows, macOS, and Linux. Secure Boot cryptographically confirms a device is only booted using trusted drivers and software, blocking the boot process if it detects malicious software. As Secure Boot makes it much harder for threat actors to install persistent boot malware and drivers, UEFI bugs have become increasingly targeted to create malware called bootkits. Bootkits are malware that loads very early in the UEFI boot process, giving the malicious programs low-level access to the operation and making them very difficult to detect like we saw the BlackLotus, CosmicStrand, and MosaicAggressor UEFI malware. Phoenix UEFI vulnerability impacts hundreds of Intel PC models (bleepingcomputer.com): Uitgelicht