![]() ![]() Care should also be taken if the BitLocker group policy "Configure TPM platform validation profile for native UEFI firmware configurations" is enabled and PCR7 is selected by policy. In the KB article, Microsoft points out that some manufacturers do not allow the installation of this update. Microsoft states that the following installation sequence should be followed: Windows 10 1909/Windows Server, version 1909 Windows 10 1803/Windows Server, version 1803 Those who want to install the update should make sure that the servicing stack updates (SSUs) listed in the following table are installed. Windows 7 or 32-bit Windows versions are not supported. Security update KB4535680 is available for the following Windows versions when installed on UEFI hardware. ![]() Details about this vulnerability can be found in CVE-2020-0689 | Microsoft Secure Boot Security Feature Bypass Vulnerability. ![]() ![]() An attacker who successfully exploited this vulnerability could bypass Secure Boot and load untrusted software. The reason for this addition: a vulnerability has been found that allows bypassing security features in Secure Boot. The security update KB4535680 (Security update for Secure Boot DBX: January 12, 2021) brings improvements to the Secure Boot DBX for the supported Windows versions by adding new modules to the DBX. The Secure Boot Forbidden Signature Database (DBX) prevents the loading of UEFI modules. Windows devices with UEFI (Unified Extensible Firmware Interface)-based firmware can be operated with Secure Boot enabled. A German blog reader pointed out security update KB4535680 (Security update for Secure Boot DBX: January 12, 2021) in this comment. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |