check before: 2024-04-09
Product:
Office 365 general, Windows
Platform:
Windows Desktop, World tenant
Status:
Change type:
Admin impact
Links:
Details:
Windows updates released July 11, 2023 and later include security measures which protect against a Secure Boot bypass vulnerability disclosed in CVE-2023-24932. Secure Boot is a Windows security feature designed to protect devices from bootkit malware.
Windows security updates include options to manually enable protections against Secure Boot bypass beginning July 11, 2023. Enforcement and deployment phases for these protections are coming with updates being released on April 9, 2024, and throughout 2024. For detailed information, see KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932.
When will this happen:
April 9, 2024 or later - Third Deployment Phase
Windows updates released on and after this date will provide new mitigations to block additional vulnerable boot managers.
October 8, 2024 or later - Mandatory Enforcement Phase
Windows updates released on and after this date which are installed to affected systems will enforce the Code Integrity Boot policy and Secure Boot disallow list revocations related to this hardening. There will be no option to disable this enforcement after this update.
The Mandatory Enforcement Phase described above is the final phase of these security hardening measures.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2024-01-19
updated:
2024-01-19
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
Last updated 11 months ago ago
