luxurygre.blogg.se - Windows 11 secure boot

You can view the support article under KB5025885 here.Why it matters: Microsoft has issued guidance for fixing a serious Secure Boot vulnerability that affects all Windows systems and is actively being exploited in the wild.

Corrected placement of Hyper-V UEFI images in the "Troubleshooting boot issues" section.

Corrected the commands in Step 3a of the "Deploment guidelines" section.

Updated Step1 of the "Deployment guidelines" section.

Updated Step 1 of the "Take Action" section.

Added additional supported versions to the "Applies to"section.

Corrected the spelling of the word "Forbidden".

Clarified that downloadable Windows media updated with the latest Cumulative Updates will soon be available.

Added a CAUTION note to Step 1 in the "Deployment guidelines" section about upgrading to Windows 11, version 21H2 or 22H2, or some versions of Windows 10.

There are many more changes other than these two. A cautionary note was added related to "Deployment guidelines". Update: Microsoft has made some changes to its support article since we published it. You can find more details on the issue Microsoft's support article here ( KB5025885).

APPLY revocations to protect against the vulnerability in CVE-2023-24932.

If you do not create your own media, you will need to get the updated official media from Microsoft or your device manufacturer (OEM).

UPDATE your bootable media with Windows updates released on or after May 9, 2023.

INSTALL the May 9, 2023, updates on all supported versions and then restart the device before applying the revocations.

Bootable media will fail to start if all steps are not completed in order. Important Steps must be done in the following order and completed before moving to the next step. Microsoft has also published the steps to be taken to install the update and secure the system:

Two revocation files which can be manually applied (a Code Integrity policy and an updated Secure Boot disallow list (DBX)).Updates for Windows released on or after to address vulnerabilities discussed in CVE-2023-24932.In this release, to mitigate CVE-2023-24932, the Windows Updates for will include: Tracked under CVE-2023-24932, Microsoft says that today's Patch Tuesday marks the initial deployment phase of the security update: