Windows 10: CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

Discus and support CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when... in Windows 10 Software and Apps to solve the problem; Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot... Discussion in 'Windows 10 Software and Apps' started by TimJButterworth, Aug 28, 2023.

  1. TIMJBUTTERWORTH
    TimJButterworth Win User

    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...


    Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the reg change etc and got the revocation changes to apply and the correct Event IDs to say the change was working.I then deployed another recent W10 image to the same device. The image installed fine, I updated it to latest CU and applied the reg change for the revocation policy which the Event Log says applied successfully.H

    :)
     
    TimJButterworth, Aug 28, 2023
    #1
  2. BRINK
    Brink Win User

    Additional guidance for devices using Secure Boot for CVE-2023-24932

    Read more: https://support.microsoft.com/en-us/...3-b3ff139f832d
     
    Brink, Aug 28, 2023
    #2
  3. MITCHELL - MSFT
    Mitchell - MSFT Win User
    Question about applying the revocations for CVE-2023-24932 (Black Lotus)

    Hello Kernel,



    Welcome to Microsoft Community.



    Microsoft has been aggressively fighting BlackLotus since it came out, but it could take months to go through all the process.

    But this issue is out of reach of the response support community. It is more suitable for publishing on Microsoft Learn . You can click on "Ask a question", there are experts who can provide more professional solutions in that place.

    I have found some of the relevant links for you, and you will find lively discussions among users and experts.

    HKLM\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates after PC restart.

    Will CVE-2023-24932 applied revocations on servers void our backups?

    CVE-2023-24932, shall I deploy the patches on Windows 10?

    Best regards,

    Mitchell - | Microsoft community support expert from MSFT
     
    Mitchell - MSFT, Aug 28, 2023
    #3
  4. ANDY WONG2
    Andy Wong2 Win User

    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.

    I follow this KB KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

    After installing the Windows updates released on or after July 11, 2023, open a Command Prompt window running as an Administrator, type the following command and then press Enter:

    reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates /t REG_DWORD /d 0x30 /f

    The value of AvailableUpdates, set as REG_DWORD with a value of 0x30 and enforced through either manual resetting or Group Policy Object (GPO), consistently reverts back to its default value of 0. This issue occurs across both Windows 10 and Windows 11 workstations.

    Best regards,
     
    Andy Wong2, Aug 28, 2023
    #4
Thema:

CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

Loading...

  1. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when... - Similar Threads - CVE 2023 24932

  2. Struggling with CVE-2023-24932 BlackLotus

    in Windows 10 Gaming
    Struggling with CVE-2023-24932 BlackLotus: We have around 1,500 clients. I've been struggling with the patch since October due to the 4x or 8x reboots required for the workaround.This week, I discovered on the MS Security page that the February update has closed this vulnerability."Feb 11, 2025The following updates...

  3. Struggling with CVE-2023-24932 BlackLotus

    in Windows 10 Software and Apps
    Struggling with CVE-2023-24932 BlackLotus: We have around 1,500 clients. I've been struggling with the patch since October due to the 4x or 8x reboots required for the workaround.This week, I discovered on the MS Security page that the February update has closed this vulnerability."Feb 11, 2025The following updates...

  4. Windows UEFI CA 2023 signed wdsmgfw.efi - CVE-2023-24932

    in Windows 10 Software and Apps
    Windows UEFI CA 2023 signed wdsmgfw.efi - CVE-2023-24932: We are in the process of testing mitigations for CVE-2023-24932. We have working USB and DVD boot media. I cannot seem to find wdsmgfw.efi for our PXE server that is signed with Windows UEFI CA 2023. I took a quick look through windows11.0-kb5036893-x64 package and did not...

  5. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in AntiVirus, Firewalls and System Security
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  6. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Gaming
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  7. Question about applying the revocations for CVE-2023-24932 Black Lotus

    in Windows 10 Gaming
    Question about applying the revocations for CVE-2023-24932 Black Lotus: Hi! Following the Microsoft guide: https://support.microsoft.com/help/5025885 to mitigate the Black Lotus vulnerability, I am trying to verify that the implementations have been applied correctly.I open Event Viewer and search for Event ID 1035, which confirms that Dbx...

  8. Question about applying the revocations for CVE-2023-24932 Black Lotus

    in Windows 10 Software and Apps
    Question about applying the revocations for CVE-2023-24932 Black Lotus: Hi! Following the Microsoft guide: https://support.microsoft.com/help/5025885 to mitigate the Black Lotus vulnerability, I am trying to verify that the implementations have been applied correctly.I open Event Viewer and search for Event ID 1035, which confirms that Dbx...

  9. KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.

    in Windows 10 Gaming
    KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.: I follow this KB KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportAfter installing the Windows updates released on or after July 11, 2023, open a Command Prompt window running as an...

  10. KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.

    in Windows 10 Software and Apps
    KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.: I follow this KB KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportAfter installing the Windows updates released on or after July 11, 2023, open a Command Prompt window running as an...