
Microsoft has published KB5016061: Addressing vulnerable and revoked Boot Managers.



KB5016061: Addressing vulnerable and revoked Boot Managers

To help keep Windows devices secure, Microsoft adds vulnerable bootloader modules to the Secure Boot DBX revocation list to invalidate the vulnerable modules. When the updated DBX revocation list is applied to a device, Windows checks to determine whether one of the vulnerable modules could potentially be used to start the device. If one of the vulnerable modules is detected, the update to the DBX list is deferred. On each restart, the device is rescanned to determine whether the vulnerable module is updated and if it's safe to apply the updated DBX list.

When one of these vulnerable modules is detected on the device, an event log entry is created that warns about the situation and includes the name of the detected module.
