PT-2025-20696 · Microsoft · Uefi +1

Published

2025-05-12

·

Updated

2025-08-30

·

CVE-2025-3052

CVSS v3.1: 8.2 (High)
Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

Microsoft UEFI firmware versions prior to the fixed version

Description:

A UEFI module signed under Microsoft's UEFI signing authority reads the `IhisiParamBuffer` NVRAM variable and uses its contents as a pointer without validating it. Because the variable lives in non-volatile memory and can be written from the running operating system, an attacker with administrator rights can store an arbitrary address in it and obtain an arbitrary memory write when the module runs during boot, including modification of critical firmware settings kept in NVRAM. That write is enough to disable security features such as Secure Boot, install bootkit malware, and gain persistence or full system compromise. The root cause is an untrusted pointer dereference: data that an unprivileged-to-the-firmware party controls is treated as a trusted pointer.
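The pattern described above, as an added example that is not the vendor's, Microsoft's or EDK2 code: a toy NVRAM store (`nvram_set`/`nvram_get` are hypothetical stand-ins for the UEFI runtime services SetVariable/GetVariable), a vulnerable handler that turns the raw bytes of `IhisiParamBuffer` into a write destination, and a hardened handler that only lets the variable select a bounds-checked offset inside a firmware-owned buffer. `g_settings`, `g_param_pool` and the handler names are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Toy NVRAM variable store. nvram_set/nvram_get are hypothetical stand-ins for
 * the UEFI runtime services SetVariable/GetVariable; nothing here is vendor code. */
#define NVRAM_MAX_VARS 4
#define NVRAM_MAX_SIZE 16
typedef struct { char name[32]; uint8_t data[NVRAM_MAX_SIZE]; size_t size; } nvram_var_t;
static nvram_var_t g_nvram[NVRAM_MAX_VARS];
static size_t g_nvram_count;

/* Any caller that can reach SetVariable (an OS administrator, in the real case)
 * can store whatever bytes it likes; the firmware must not trust them. */
int nvram_set(const char *name, const void *data, size_t size) {
    if (size > NVRAM_MAX_SIZE) return -1;
    for (size_t i = 0; i < g_nvram_count; i++) {
        if (strcmp(g_nvram[i].name, name) == 0) {
            memcpy(g_nvram[i].data, data, size);
            g_nvram[i].size = size;
            return 0;
        }
    }
    if (g_nvram_count == NVRAM_MAX_VARS) return -1;
    nvram_var_t *v = &g_nvram[g_nvram_count++];
    strncpy(v->name, name, sizeof v->name - 1);
    v->name[sizeof v->name - 1] = '\0';
    memcpy(v->data, data, size);
    v->size = size;
    return 0;
}

int nvram_get(const char *name, void *out, size_t *size) {
    for (size_t i = 0; i < g_nvram_count; i++) {
        if (strcmp(g_nvram[i].name, name) == 0) {
            if (*size < g_nvram[i].size) return -1;
            memcpy(out, g_nvram[i].data, g_nvram[i].size);
            *size = g_nvram[i].size;
            return 0;
        }
    }
    return -1;
}

/* Constructed firmware-owned state standing in for a "critical setting". */
static struct { uint32_t secure_boot_enabled; uint32_t pad; } g_settings = { 1, 0 };
uint32_t fw_secure_boot_enabled(void) { return g_settings.secure_boot_enabled; }
void *fw_settings_address(void) { return &g_settings.secure_boot_enabled; }

/* Firmware-owned parameter buffer that the hardened handler is confined to. */
#define PARAM_POOL_SIZE 64
static uint8_t g_param_pool[PARAM_POOL_SIZE];
uint32_t param_pool_read_u32(size_t off) {
    uint32_t v = 0;
    if (off + sizeof v <= PARAM_POOL_SIZE) memcpy(&v, g_param_pool + off, sizeof v);
    return v;
}

void model_reset(void) {
    g_nvram_count = 0;
    g_settings.secure_boot_enabled = 1;
    memset(g_param_pool, 0, sizeof g_param_pool);
}

/* Vulnerable pattern (CWE-822): the variable's raw bytes become the destination
 * pointer, so whoever wrote the variable chooses where `value` lands. */
int handler_vulnerable(uint32_t value) {
    uint8_t raw[NVRAM_MAX_SIZE];
    size_t sz = sizeof raw;
    if (nvram_get("IhisiParamBuffer", raw, &sz) != 0 || sz < sizeof(uintptr_t)) return -1;
    uintptr_t dest;
    memcpy(&dest, raw, sizeof dest);
    *(volatile uint32_t *)dest = value;   /* arbitrary write to an attacker-chosen address */
    return 0;
}

/* Hardened pattern: NVRAM may only supply an offset into a buffer the firmware
 * owns, and the offset is bounds-checked before the write. */
int handler_hardened(uint32_t value) {
    uint8_t raw[NVRAM_MAX_SIZE];
    size_t sz = sizeof raw;
    if (nvram_get("IhisiParamBuffer", raw, &sz) != 0 || sz < sizeof(uint32_t)) return -1;
    uint32_t off;
    memcpy(&off, raw, sizeof off);
    if (off > PARAM_POOL_SIZE - sizeof value) return -1;   /* reject out-of-range offsets */
    memcpy(g_param_pool + off, &value, sizeof value);
    return 0;
}

int main(void) {
    model_reset();
    uintptr_t target = (uintptr_t)fw_settings_address();   /* attacker-chosen address */
    nvram_set("IhisiParamBuffer", &target, sizeof target);
    handler_vulnerable(0);
    printf("vulnerable handler: secure_boot_enabled = %u\n", fw_secure_boot_enabled());

    model_reset();
    uint32_t off = 1000;
    nvram_set("IhisiParamBuffer", &off, sizeof off);
    printf("hardened handler, offset 1000: rc = %d\n", handler_hardened(0));
    return 0;
}
```

The hardened variant is only one of the possible fixes; the point it makes is that a value an OS administrator can write must never be consumed as a raw pointer, and that the firmware, not the variable, must decide what memory the write may touch.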

Recommendations:

To resolve the issue, install Microsoft's fix, released in the June 2025 Patch Tuesday; it revokes the vulnerable signed module through the Secure Boot forbidden-signature database (dbx), so the module can no longer run on systems with Secure Boot enabled. Apply the update promptly and confirm that the dbx update has been applied on each system. Where the update cannot yet be deployed, reduce exposure by removing or disabling the vulnerable UEFI module where the platform allows it and by limiting which accounts hold local administrator rights, since writing the `IhisiParamBuffer` variable requires that privilege.

Fix

Weakness Enumeration

Untrusted Pointer Dereference (CWE-822)

Related Identifiers

BDU:2025-06727
CVE-2025-3052

Affected Products

Uefi
Windows