Windows 10: CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

Discus and support CVE-2024-21302 - Any experience applying the opt-in policy, risk too high? in Windows 10 Software and Apps to solve the problem; Hello,I have reviewed the associated KB article regarding the vulnerability CVE-2024-21302:... Discussion in 'Windows 10 Software and Apps' started by MatthewFagan, Feb 3, 2025.

  1. MATTHEWFAGAN
    MatthewFagan Win User

    CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?


    Hello,I have reviewed the associated KB article regarding the vulnerability CVE-2024-21302: https://support.microsoft.com/en-us/topic/guidance-for-blocking-rollback-of-virtualization-based-security-vbs-related-security-updates-b2e7ebf4-f64d-4884-a390-38d63171b8d3Was wondering if anyone had any luck with implementing the opt-in policy? Based on the risk listed in the article it seems fairly high of causing disruptions to an organization due to boot loop scenario. The severity also seems low, even though it was used in a proof of concept exploit due to requiring local access and admin privileges

    :)
     
    MatthewFagan, Feb 3, 2025
    #1
Thema:

CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

Loading...

  1. CVE-2024-21302 - Any experience applying the opt-in policy, risk too high? - Similar Threads - CVE 2024 21302

  2. When will CVE-2024-7264 be remediated?

    in Windows 10 Gaming
    When will CVE-2024-7264 be remediated?: This is affecting Windows 2019 server and no fix has been put out for months. What is the timeline on this?libcurl's ASN1 parser code has the `GTime2str` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might...

  3. When will CVE-2024-7264 be remediated?

    in Windows 10 Software and Apps
    When will CVE-2024-7264 be remediated?: This is affecting Windows 2019 server and no fix has been put out for months. What is the timeline on this?libcurl's ASN1 parser code has the `GTime2str` function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might...

  4. CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?

    in Windows 10 Gaming
    CVE-2024-21302 - Any experience applying the opt-in policy, risk too high?: Hello,I have reviewed the associated KB article regarding the vulnerability CVE-2024-21302: https://support.microsoft.com/en-us/topic/guidance-for-blocking-rollback-of-virtualization-based-security-vbs-related-security-updates-b2e7ebf4-f64d-4884-a390-38d63171b8d3Was wondering...

  5. security updates will not download cve-2024-30078

    in Windows 10 Software and Apps
    security updates will not download cve-2024-30078: windows update security will not download update CVE-2024-30078 and logofail update https://answers.microsoft.com/en-us/windows/forum/all/security-updates-will-not-download-cve-2024-30078/9dc409d8-c112-40e5-a279-c9cd6cb682f0

  6. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Software and Apps
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  7. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in AntiVirus, Firewalls and System Security
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  8. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Gaming
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  9. Applocker policy applied but not working

    in AntiVirus, Firewalls and System Security
    Applocker policy applied but not working: Hi,I created an applocker policy using default rules to test before applying to production. Enforcement is set to Enforce Rules. Application Identity service is also enabled from the policy.On windows 10 client GPRESULT shows the policy was applied and the Application...

  10. applying local group policy

    in Windows 10 Performance & Maintenance
    applying local group policy: Hi ive no experience applying group policy settings. What I'm hoping for is that I can have certain registry configurations applied cross all users. If I downloaded a registry.pol configuration, how do I apply this actually? So I've copied the file to...