Lucene search
Microsoft Security Response CenterMSRC:B6D99DE000A5A8E0E59B4C489E2485C1HistoryMay 09, 2023 - 7:00 a.m.
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
2023-05-0907:00:00
Microsoft Security Response Center
msrc.microsoft.com
13
secure boot
manager changes
cve-2023-24932
blacklotus bootkit
uefi level
configuration guidance
vulnerability
Summary Today, Microsoft is releasing CVE-2023-24932, and associated configuration guidance, to address a Secure Boot bypass vulnerability used by the BlackLotus bootkit to exploit CVE-2022-21894. Customers will need to closely follow the configuration guidance to fully protect against this vulnerability. This vulnerability allows an attacker to execute self-signed code at the Unified Extensible Firmware Interface (UEFI) level while Secure Boot is enabled.
Related
msrc
msrc
CVE-2023-24932 に関連するセキュア ブート マネージャーの変更に関するガイダンス
2023-05-09 07:00:00
thn
thn
trellix
trellix
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
cvelist
cvelist
CVE-2022-21894 Secure Boot Security Feature Bypass Vulnerability
2022-01-11 20:22:58
CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability
2023-05-09 17:03:07
schneier
schneier
BlackLotus Malware Hijacks Windows Secure Boot Process
2023-03-08 11:11:14
Microsoft Secure Boot Bug
2023-05-17 11:01:08
prion
prion
Security feature bypass
2022-01-11 21:15:00
Security feature bypass
2023-05-09 18:15:00
mscve
mscve
Secure Boot Security Feature Bypass Vulnerability
2022-01-11 08:00:00
Secure Boot Security Feature Bypass Vulnerability
2023-05-09 07:00:00
Secure Boot Security Feature Bypass Vulnerability
2024-04-09 07:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2022-08-09 15:53:48
Exploit for Vulnerability in Microsoft
2023-09-26 05:52:36
Exploit for Vulnerability in Microsoft
2022-08-18 23:45:47
mssecure
mssecure
mmpc
mmpc
attackerkb
attackerkb
CVE-2022-21894
2022-01-11 00:00:00
CVE-2023-24932
2023-05-09 00:00:00
cve
cve
CVE-2023-24932
2023-05-09 18:15:12
CVE-2022-21894
2022-01-11 21:15:00
veeam
veeam
Support Statement regarding Microsoft CVE-2023-24932
2023-05-24 00:00:00
rapid7blog
rapid7blog
How To Hunt For UEFI Malware Using Velociraptor
2024-02-29 17:32:12
Patch Tuesday - May 2023
2023-05-09 20:02:02
Patch Tuesday - January 2022
2022-01-11 21:41:56
krebs
krebs
Microsoft Patch Tuesday, May 2023 Edition
2023-05-10 01:19:58
talosblog
talosblog
malwarebytes
malwarebytes
Update now! May 2023 Patch Tuesday tackles three zero-days
2023-05-10 05:00:00
avleonov
avleonov
nessus
nessus
KB5026427: Windows Server 2008 Security Update (May 2023)
2023-05-09 00:00:00
KB5026426: Windows Server 2008 R2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026382: Windows 10 LTS 1507 Security Update (May 2023)
2023-05-09 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
kaspersky
kaspersky
KLA49156 Multiple vulnerabilities in Microsoft Products (ESU)
2023-05-09 00:00:00
KLA49154 Multiple vulnerabilities in Microsoft Windows
2023-05-09 00:00:00
KLA12422 Multiple vulnerabilities in Microsoft Windows
2022-01-11 00:00:00
securelist
securelist
IT threat evolution in Q2 2023. Non-mobile statistics
2023-08-30 10:00:41
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5026382)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5026361)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5009624)
2022-01-12 00:00:00
mskb
mskb
May 9, 2023—KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)
2023-05-09 07:00:00
January 11, 2022—KB5009595 (Security-only update)
2022-01-11 08:00:00
January 11, 2022—KB5009586 (Monthly Rollup)
2022-01-11 08:00:00
ics
ics
Siemens RUGGEDCOM APE1808 Product Family
2023-09-14 12:00:00
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
7.5 High
AI Score
Confidence
Low
0.139 Low
EPSS
Percentile
95.6%
Related for MSRC:B6D99DE000A5A8E0E59B4C489E2485C1