Sometimes the features designed to keep our computers safe can put us at the most risk, as with a worrying security flaw that can be exploited by hackers in their attacks.
As reported by BleepingComputer, a new Secure Boot bypass (tracked as CVE-2025-3052) was recently discovered that could be used to disable the underlying security measures of Windows 11 in order to install bootkit malware.
Unlike typical Windows malware, bootkit malware targets your computer's boot process, which allows an attacker to gain complete control over the operating system before it is loaded. To make matters worse, this type of malware is also persistent and can remain on your PC even after restoring Windows.
Here's what you need to know about this new Secure Boot flaw and why it's important that you update your Windows PC now so that it is protected from any attack that exploits it.
Bypassing Secure Boot
According to a new blog post, this flaw was discovered by Binarly security researcher Alex Matrosov when he found a BIOS-flashing utility online. Signed with Microsoft's UEFI signing certificate, the utility in question was originally designed for rugged tablets. However, it can run on any Windows laptop or desktop with Secure Boot enabled.
First introduced with the release of Windows 8 in 2012, Secure Boot was designed to protect against bootkit malware by ensuring that only trusted software could be loaded during a PC's startup sequence. The irony is that, thanks to this flaw, Secure Boot-capable PCs are now vulnerable to the very thing this security feature was designed to protect against.
After an investigation, it was discovered that the vulnerable module in the utility found by Matrosov had been available online since at least the end of 2022, although it was not until last year that it was uploaded to the malware detection service VirusTotal.
To show how severe this flaw was, he and the team at Binarly created a proof of concept (PoC) that sets to zero what the LoadImage function uses to enforce Secure Boot, which effectively disables it. With this feature disabled, an attacker can install bootkit malware that can hide from Windows and from any security software installed on the system.
In February this year, Matrosov disclosed the flaw to Microsoft, and a fix was developed for it. However, while working to address the flaw, the software giant determined that it affected 13 other modules that still had to be dealt with.
How to protect your Windows PC
So how do you protect yourself from malware that starts even before Windows and can easily bypass the best antivirus software? Well, by updating your PC with the latest security updates from Microsoft.
In the June Patch Tuesday update, Microsoft included a fix for this major security flaw, along with patches for other recently discovered vulnerabilities. The company has also added 14 new hashes to its Secure Boot dbx revocation list. Luckily for you, this updated dbx file is included in Microsoft's latest round of Patch Tuesday updates.
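For readers who want to confirm that a revocation actually landed, here is an added example (not from the original article or from Microsoft) that parses a dbx blob in the UEFI EFI_SIGNATURE_LIST layout and checks whether an image hash is on it. The digests and the sample dbx are constructed placeholders; real dbx entries are Authenticode SHA-256 hashes of the revoked EFI binaries.

```python
import hashlib
import struct
import uuid

# UEFI spec: GUID marking a signature list whose entries are SHA-256 hashes
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
LIST_HEADER = 28  # 16-byte type GUID + three little-endian UINT32 sizes

def parse_dbx_sha256(blob):
    """Return the set of SHA-256 hashes (hex) found in a dbx blob."""
    hashes, off = set(), 0
    while off + LIST_HEADER <= len(blob):
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        # Reject truncated or nonsensical lists instead of looping forever
        if list_size < LIST_HEADER or off + list_size > len(blob) or sig_size <= 16:
            raise ValueError(f"malformed signature list at offset {off}")
        pos, end = off + LIST_HEADER + hdr_size, off + list_size
        while pos + sig_size <= end:
            # Each entry: 16-byte SignatureOwner GUID, then the signature data
            data = blob[pos + 16:pos + sig_size]
            if sig_type == EFI_CERT_SHA256_GUID and len(data) == 32:
                hashes.add(data.hex())
            pos += sig_size
        off += list_size
    return hashes

def is_revoked(blob, image_hash_hex):
    """True if the given SHA-256 (hex, any case) is listed in the dbx blob."""
    return image_hash_hex.lower() in parse_dbx_sha256(blob)

def build_sample_dbx(hashes):
    """Constructed input: one SHA-256 signature list with an all-zero owner GUID."""
    owner = uuid.UUID(int=0).bytes_le
    body = b"".join(owner + bytes.fromhex(h) for h in hashes)
    sizes = struct.pack("<III", LIST_HEADER + len(body), 0, 48)
    return EFI_CERT_SHA256_GUID.bytes_le + sizes + body

# Placeholder digests standing in for revoked modules (not real dbx entries)
REVOKED = [hashlib.sha256(f"constructed-module-{i}".encode()).hexdigest()
           for i in range(14)]
SAMPLE_DBX = build_sample_dbx(REVOKED)

if __name__ == "__main__":
    print(len(parse_dbx_sha256(SAMPLE_DBX)), "SHA-256 entries in sample dbx")
    print("first placeholder revoked:", is_revoked(SAMPLE_DBX, REVOKED[0]))
```

To run it against a real machine, feed it the bytes returned by `Get-SecureBootUEFI -Name dbx` on Windows, or the contents of `/sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f` on Linux after stripping the 4-byte attributes prefix.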
While installing the latest Windows updates may seem tiresome at times, I highly recommend that you stop and take the time to do so, as Microsoft often includes fixes for various security flaws while also adding new features to its operating system.
Given that Patch Tuesday occurs on the second Tuesday of every month, at least you know ahead of time when these very important updates will arrive. That way, you can set aside the time required to install them or set your PC to install them automatically.
When malware can bypass your antivirus software, the best identity theft protection services can help you recover your identity as well as any money lost to malware or other scams. However, keep in mind that for identity theft insurance to pay out, you need to sign up for one of these services before an attack.
Although this Secure Boot bypass is worrisome, it is worth noting that it was not exploited by hackers in the wild. Instead, security researchers built an exploit for it to show how dangerous this flaw could be if knowledge of it ended up in the wrong hands. Either way, it is a great reminder of why it is so important to keep your PC (and all the other computers in your house, for that matter) up to date.