Unkillable UEFI malware bypassing Secure Boot enabled by unpatchable Windows flaw

Unrootable UEFI malware bypasses secure boot enabled by Windows inaccessible flaw

Oric Lawson | Getty Images

Researchers on Wednesday announced a major cybersecurity discovery — the world’s first known instance of real-world malware that can compromise a computer’s boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows.

The malware is called BlackLotus, which is what is known as a UEFI boot kit. These sophisticated pieces of malware hijack UEFI — short for Unified Extensible Firmware Interface — a complex, low-level series of firmware responsible for booting nearly every modern computer. As the mechanism that connects a computer’s firmware to its operating system, UEFI is an operating system in itself. It’s housed in an SPI-connected flash storage chip soldered to the computer’s motherboard, which makes it difficult to check or debug.

Because UEFI is the first thing that runs when you turn on your computer, it affects the operating system, security applications, and all other software that follows. These attributes make UEFI the perfect place for malware to run. Upon success, UEFI boot sets disable the operating system’s security mechanisms and ensure that the computer remains infected with disguised malware running in kernel or user mode, even after the operating system is reinstalled or the hard drive is replaced.

Despite the allure of threat actors installing malware that is virtually invisible and unremovable and has access at the kernel level, there are a few formidable hurdles that stand in their way. One of them is the requirement that they first hack the device and gain system administrator rights, either by exploiting one or more vulnerabilities in the operating system or applications or by tricking the user into installing a Trojan. Only after this high bar is cleared can the threat actor attempt to install the bootkit.

The second thing that stands in the way of UEFI attacks is UEFI Secure Boot, an industry-wide standard that uses cryptographic signatures to ensure that every piece of software used during startup is trusted by the computer manufacturer. Secure Boot is designed to create a chain of trust that prevents attackers from replacing custom boot firmware with malicious firmware. If a single firmware link in this chain is not recognized, Secure Boot will prevent the device from starting.

While researchers have found secure boot vulnerabilities in the past, there was no indication that threat actors managed to bypass the protection in the 12 years that they were present. So far.

On Wednesday, researchers at security company ESET provided an in-depth analysis of the world’s first UEFI boot suite to bypass Secure Boot on fully updated UEFI systems running fully updated versions of Windows 10 and 11. While there are no strings or other clues that directly show the name of the creators or bootkit, ESET researchers have concluded that it almost certainly corresponds to a bootkit suite, known as BlackLotus, that has been advertised on underground cybercrime forums since last year. Price: $5,000, and $200 after that for updates.

A Brief History of BlackLotus.
Zoom in / A Brief History of BlackLotus.


To defeat Secure Boot, the bootkit exploits CVE-2022-21894, a vulnerability in all supported versions of Windows that Microsoft patched in January 2022. The memory corruption flaw, referred to as Baton Drop by the researcher who discovered it, can be exploited in order to remove Secure Boot functions from the boot sequence during startup. Attackers could also abuse the vulnerability to obtain BitLocker keys, a Windows feature to encrypt hard drives.

CVE-2022-21894 has proven particularly valuable to the creators of BlackLotus. Although Microsoft released new patches, the compromised signed binaries were not added to the UEFI revocation list which identifies boot files that should no longer be trusted. Microsoft hasn’t explained why, but it likely has something to do with the hundreds of vulnerable bootloaders that are still in use today. If these signed binaries are revoked, millions of devices will no longer function. As a result, fully updated hardware remains vulnerable because attackers can simply replace patched software with outdated, vulnerable software.

Leave a Reply

Your email address will not be published. Required fields are marked *