Kaspersky Says the Latest Windows 10 Update Bug (KB4524244) Isn’t Its Fault
Microsoft pulled back the February Patch Tuesday security update (KB4524244) released for Windows 10 that caused several issues for some of the users. The company said it's working with partners on an improved version of this particular update. It now appears that the update was supposed to fix a security vulnerability that was found in Kaspersky Rescue Disk - a tool to clean infected computers.
The vulnerability allowed attackers to run an untrusted UEFI image on a computer protected by Secure Boot technology. "This could be done by exploiting a custom UEFI loader used by Kaspersky Rescue Disk," Kaspersky noted. "Practical attack scenario required physical access to a computer."
While the antivirus maker had addressed the issue back in August 2019, it said that the Windows maker updated "a special database of revoked UEFI signatures (UEFI Revocation List File) in February 2020," to "prevent attacks against Secure Boot using doctored previous versions of Kaspersky Rescue Disk."
Here's what the KB4524244 update summary read:
Addresses an issue in which a third-party Unified Extensible Firmware Interface (UEFI) boot manager could expose UEFI-enabled computers to a security vulnerability.
Kaspersky clarifies it's not involved in the Windows 10 update (KB4524244) fixing process
In a blog post, Kaspersky says that the firm isn't involved in this update issue and that Microsoft hasn't reached out to it "concerning the update issue." The antivirus maker added that its products "have not been a cause of this issue."
As we had mentioned in our coverage of the issue, those who aren't experiencing any problems aren't required to remove the update. Kaspersky added that this update isn't vulnerable to the aforementioned security flaw. But you will have to install the replacement update when it's released by Microsoft to be fully secure.
If you are worried about physical attacks, Kaspersky recommends the following:
Vulnerable bootloaders might remain bootable on your system. You will need to install the modified update once it is released by Microsoft.
If you have concerns about physical attacks on your system, make sure you lock down boot order, protect BIOS with a password and put seals on cover screws.
We will update this space when Microsoft delivers a replacement for KB4524244.