#Lenovo: Hey there is a #Bios update

Me: Let's install it!

#Microsoft #Defender: We just blocked a threat! We are #SECURE \o/

Me: What threat?

#Microsoft: LoL not going to tell you 🙊

Me: Lets search for: "Defender ASR blocks Lenovo Bios Update"

Lenovo: To update the bios you need to temporary disable your #DefenderASR rules

Me: FFS I guess we won't ever update this Bios throws hands in the air

@sassdawe "What threat?" -> The CVE-2025-47827 Secure Boot bypass is marked as exploited itw, but I'm not sure how that relates to Lenovo.

@buherator Defender doesn't like something about the bios updater but I can't see what because I am not an admin and can't UAC in the threat history view

@sassdawe Sorry, I need more coffee...

@sassdawe this sounds like a similar theme to "our heuristic based EDR saw the license protection in this file as a threat and so it quarantined the entire install" chapter of the "your/our cybersecurity posture is based heavily on broken assumptions" guide to corporate tooling.