Malicious cyber actors might exploit a known flaw in Microsoft Windows’ secure startup process to bypass Secure Boot protection and run the BlackLotus malware. BlackLotus uses a known flaw dubbed “Baton Drop,” tracked as CVE-2022-21894, to bypass beyond security precautions made by the device’s Secure Boot start-up procedure. Since October 2022, BlackLotus has been making appearances on hacker forums.
Source: GBHackers