Windows 10: Question about applying the revocations for CVE-2023-24932 Black Lotus

Discus and support Question about applying the revocations for CVE-2023-24932 Black Lotus in Windows 10 Gaming to solve the problem; Hi! Following the Microsoft guide: https://support.microsoft.com/help/5025885 to mitigate the Black Lotus vulnerability, I am trying to verify that the... Discussion in 'Windows 10 Gaming' started by Kernel9000, Jul 26, 2023.

  1. KERNEL9000
    Kernel9000 Win User

    Question about applying the revocations for CVE-2023-24932 Black Lotus


    Hi! Following the Microsoft guide: https://support.microsoft.com/help/5025885 to mitigate the Black Lotus vulnerability, I am trying to verify that the implementations have been applied correctly.I open Event Viewer and search for Event ID 1035, which confirms that Dbx updates have been applied correctly.However, I am missing Event ID 276 that verifies that the boot-manager loads SKUSiPolicy.p7b correctly.I have followed the instructions step by step on several Windows 11 computers with the same result.Why am I missing Event ID 276?From Microsofts guide:Event ID 1035 shows up, verifying t

    :)
     
    Kernel9000, Jul 26, 2023
    #1
  2. BRINK
    Brink Win User

    Additional guidance for devices using Secure Boot for CVE-2023-24932

    Read more: https://support.microsoft.com/en-us/...3-b3ff139f832d
     
    Brink, Jul 26, 2023
    #2
  3. ANDY WONG2
    Andy Wong2 Win User
    KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.

    I follow this KB KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

    After installing the Windows updates released on or after July 11, 2023, open a Command Prompt window running as an Administrator, type the following command and then press Enter:

    reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates /t REG_DWORD /d 0x30 /f

    The value of AvailableUpdates, set as REG_DWORD with a value of 0x30 and enforced through either manual resetting or Group Policy Object (GPO), consistently reverts back to its default value of 0. This issue occurs across both Windows 10 and Windows 11 workstations.

    Best regards,
     
    Andy Wong2, Jul 26, 2023
    #3
  4. PRASAD MANIKANDAN
    Prasad Manikandan Win User

    Question about applying the revocations for CVE-2023-24932 Black Lotus

    KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932

    Hi Team,

    Regarding CVE-2023-24932,

    As per the below instructions it is not possible to update the bootable media manually for all the machines in an organization, do we have any alternative for this?

    Please revert back us ASAP, or route us to get the proper support on this.


    Question about applying the revocations for CVE-2023-24932 Black Lotus nUEthv2Xu0%2fK1aA1zaF6oeCUR5Jl6VbgU7qvbHliyzI9G1JOscZIwTmTZPamswjlyUA4CWKMHhUuAiyF5PHPZXPX7XM%3d.png


    Thank you,

    Regards,

    ,
     
    Prasad Manikandan, Jul 26, 2023
    #4
Thema:

Question about applying the revocations for CVE-2023-24932 Black Lotus

Loading...

  1. Question about applying the revocations for CVE-2023-24932 Black Lotus - Similar Threads - Question applying revocations

  2. Struggling with CVE-2023-24932 BlackLotus

    in Windows 10 Gaming
    Struggling with CVE-2023-24932 BlackLotus: We have around 1,500 clients. I've been struggling with the patch since October due to the 4x or 8x reboots required for the workaround.This week, I discovered on the MS Security page that the February update has closed this vulnerability."Feb 11, 2025The following updates...

  3. Struggling with CVE-2023-24932 BlackLotus

    in Windows 10 Software and Apps
    Struggling with CVE-2023-24932 BlackLotus: We have around 1,500 clients. I've been struggling with the patch since October due to the 4x or 8x reboots required for the workaround.This week, I discovered on the MS Security page that the February update has closed this vulnerability."Feb 11, 2025The following updates...

  4. Windows UEFI CA 2023 signed wdsmgfw.efi - CVE-2023-24932

    in Windows 10 Software and Apps
    Windows UEFI CA 2023 signed wdsmgfw.efi - CVE-2023-24932: We are in the process of testing mitigations for CVE-2023-24932. We have working USB and DVD boot media. I cannot seem to find wdsmgfw.efi for our PXE server that is signed with Windows UEFI CA 2023. I took a quick look through windows11.0-kb5036893-x64 package and did not...

  5. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Software and Apps
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  6. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in AntiVirus, Firewalls and System Security
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  7. CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...

    in Windows 10 Gaming
    CVE-2023-24932 revocation policy applied successfully on test device, but "not found" when...: Hi All,I'm preparing for when CVE-2023-24932 comes into full force: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportI deployed an August 2023 dated W10 image to a test laptop, applied the...

  8. Question about applying the revocations for CVE-2023-24932 Black Lotus

    in Windows 10 Software and Apps
    Question about applying the revocations for CVE-2023-24932 Black Lotus: Hi! Following the Microsoft guide: https://support.microsoft.com/help/5025885 to mitigate the Black Lotus vulnerability, I am trying to verify that the implementations have been applied correctly.I open Event Viewer and search for Event ID 1035, which confirms that Dbx...

  9. KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.

    in Windows 10 Gaming
    KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.: I follow this KB KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportAfter installing the Windows updates released on or after July 11, 2023, open a Command Prompt window running as an...

  10. KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.

    in Windows 10 Software and Apps
    KB5025885: APPLY revocations to protect against the vulnerability in CVE-2023-24932.: I follow this KB KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft SupportAfter installing the Windows updates released on or after July 11, 2023, open a Command Prompt window running as an...