jnrjapan.blogg.se

Disabling Secure Boot puts a device at risk of being infected by a bootkit malware. Secure Boot helps prevent bootkit malware in the boot sequence. Secure Boot is recommended by Microsoft to make a safe and trusted path from the Unified Extensible Firmware Interface (UEFI) through the Windows kernel's Trusted Boot sequence. A bootkit is a malicious program that is designed to load as early as possible in a device’s sequence, in order to control the operating system start. This article describes the protection against the public disclosure of a Secure Boot security feature bypass by using the BlackLotus UEFI bootkit tracked by CVE-2023-24932 and how to enable the protections and guidance to update bootable media. Please be aware of all the possible implications and test thoroughly before applying the revocations that are outlined in this article to your device. Even reformatting of the disk will not remove the revocations if they have already been applied.

LessĬaution: Once the mitigation for this issue is enabled on a device, meaning the revocations have been applied, it cannot be reverted if you continue to use Secure Boot on that device. Windows Server 2012 Windows Embedded 8 Standard Windows Server 2012 R2 Windows Embedded 8.1 Industry Enterprise Windows Embedded 8.1 Industry Pro Windows 10 Windows 10 Education, version 1607 Windows 10 Professional version 1607 Windows 10 Enterprise, version 1607 Windows 10 Enterprise version 1607 Windows 10 Enterprise, version 1809 Windows 10 Professional Education version 1607 Windows 10 Pro Education, version 1607 Windows Server 2019 Windows Server 2022 Windows 10 Home and Pro, version 21H2 Windows 10 Enterprise and Education, version 21H2 Windows 10 IoT Enterprise, version 21H2 Windows 10 Home and Pro, version 22H2 Windows 10 Enterprise Multi-Session, version 22H2 Windows 10 Enterprise and Education, version 22H2 Windows 10 IoT Enterprise, version 22H2 Windows 11 Home and Pro, version 21H2 Windows 11 Enterprise Multi-Session, version 21H2 Windows 11 Enterprise and Education, version 21H2 Windows 11 IoT Enterprise, version 21H2 Windows 11 Home and Pro, version 22H2 Windows 11 Enterprise Multi-Session, version 22H2 Windows 11 Enterprise and Education, version 22H2 Windows 11 IoT Enterprise, version 22H2 Azure Stack HCI, version 22H2 More.