For Microsoft to fully address the issue, they need to make irreversible changes to the Windows boot manager. This means that the fix will render current Windows boot media unbootable, potentially disrupting the system and preventing it from starting up if not enabled correctly. The device with the fix won’t be able to boot from older, unpatched bootable media, such as system backups and network boot drives.
The update will be rolled out in phases over the next few months to prevent computers from getting bricked. There will be multiple versions of the patch, with each update being somewhat easier to enable. The third update will enable the fix for everyone and is expected to be released in the first quarter of 2024. BlackLotus is the first bootkit known to be used in the wild to bypass Secure Boot protections, and threat actors need physical access to the device or an account with system admin privileges.
