![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello Satchul.
Welcome to Microsoft Community.
Regarding to your information I assume that you are worried about the Blacklotus CVE-2022-21894.
According to this website said this vulnerability seems to have an official patch from the manufacturer.
From the article posted on the Microsoft Security Blog, this attack needs remote administrative privileges on a target machine or physical
access to the device.
So for the personal user, if no people access your computer physically, you don't worry about an attack from the Black Lotus.
Normally, if your Defender is up to date and functioning properly, you don't need to worry about this.
If you really worry about it you can follow this article to make sure that your computer not be attacked by Black Lotus.
- Recently written bootloader files
- Staging directory artifacts created
- Registry key modified
- Windows Event logs entries generated
- Network behavior
- Boot Configuration log entries generated
If there is anything not clear, please do not hesitate to let me know.
Best Regards,
Tommy-MSFT | Microsoft Community Support Specialist