Friday, May 12, 2023

What are the chances hackers will take the year off?

from here and here

There's a security vulnerability in the secure boot feature of modern computers. While the patch for this 0-day was already released, it won't be enabled by default until Q1 2024. That's a long time to wait for a fix. In theory you can probably enable this fix sooner than that, but most people aren't even going to be aware of it, so most of the vulnerable computer population will remain vulnerable for basically a year, giving attackers ample opportunity to take advantage of it.