Kaspersky Says It Had Nothing To Do With Microsoft's Botched KB4524244 Update
Not long ago, Microsoft issued the KB4524244 cumulative update meant to address a security vulnerability in a third-party UEFI boot manager. As many Windows updates have done in recent months, this one caused additional problems, including leaving some users unable to reset the computer or reboot. Kaspersky has now stepped up and said that the KB4524244 update was to address a vulnerability that was found in its Kaspersky Rescue Disk program that was publicly disclosed in April 2019 and fixed in August 2019. Kaspersky is specific in that it was not involved in the update, and Microsoft didn't reach out to it concerning the update issue.
Kaspersky Rescue Disk is a free tool that allowed users to clean an infected computer even if the operating system wouldn't load. Kaspersky also admits that the vulnerability made it possible to run an untrusted UEFI image on a computer protected by Secure Boot technology. It also notes that the attack scenario required physical access to the computer. Kaspersky endpoint security products have been able to detect attempts to exploit this vulnerability since April 2019.
Kaspersky does say that after a detailed internal analysis, its experts have concluded that its products could not have caused the issues seen with KB4524244. The company says that users with the update installed don't need to remove it, and that they can use the computer as usual. It says that users need to use a recent version of Rescue Disk if the need for the product arises.
As for those who've already uninstalled the KB4524244 update, Kaspersky says that vulnerable boot loaders may remain bootable on their system, and they need to install the modified update once Microsoft releases it. The company reminds again that its endpoint protection products have been able to detect the exploits Microsoft's update was supposed to patch since April 2019. Windows users who prefer to remove the KB4524244 update can do so.