Windows users who may have overlooked the monthly updates from Microsoft should take particular note of the June releases. This latest batch of patches addresses a significant vulnerability that poses a risk of allowing an attacker to gain control over a PC via bootkit malware.
Identified as CVE-2025-3052, this Secure Boot bypass flaw has been characterized as a serious concern by Alex Matrosov, a security researcher at Binarly, who first uncovered the issue. In a recent blog post, Matrosov elaborated on the nature of the vulnerability, describing it as a memory corruption issue that exploits Microsoft’s Secure Boot feature.
“Attackers can exploit this vulnerability to run unsigned code during the boot process, effectively bypassing Secure Boot and compromising the system’s chain of trust,” Matrosov explained. “Because the attacker’s code executes before the operating system even loads, it opens the door for attackers to install bootkits and undermine OS-level security defenses.”
Crafty and dangerous malware
Bootkit malware is particularly insidious. By executing before the operating system boots, it can evade standard security measures and remain undetected. This type of malware not only allows attackers to control the PC but also opens avenues for further infections or unauthorized access to sensitive information. Ironically, Microsoft introduced Secure Boot specifically to prevent such malware from loading during the startup process. This feature is available on PCs utilizing Unified Extensible Firmware Interface (UEFI) firmware, which serves as a modern alternative to the older BIOS firmware.
In this instance, the vulnerability permits an attacker to bypass Secure Boot by signing a compromised UEFI application with Microsoft’s third-party certificates, effectively granting it unrestricted execution rights. While the flaw has not yet been exploited in real-world scenarios, the vulnerable application has been present since late 2022 and was discovered by Matrosov on the VirusTotal security site.
How to protect your PC
Fortunately, Microsoft has released a patch to address this flaw. Users of Windows 10 or 11 can navigate to Settings, select Windows Update, and download the latest updates. A simple reboot will ensure that their PC is safeguarded against this vulnerability.
June’s Patch Tuesday rollout also rectifies a total of 66 weaknesses, including nine categorized as critical. Among these is a second Secure Boot flaw, designated CVE-2025-4275, as well as a zero-day vulnerability labeled CVE-2025-33053.
Stay informed and receive the latest updates by subscribing to our Tech Today newsletter.
