| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-140 | Security Update for Boot Manager (3193479) | Windows 8.1 | Important | 09-11-2016 |
Technical Information
Brief overview of the risk:
The vulnerability could allow security feature bypass if a physically-present attacker installs an affected boot policy.
Detailed Information on the risk:
A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot policy that is affected by the vulnerability. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded onto a target device.
The security update addresses the vulnerability by revoking affected boot policies in the firmware. The revocation protection level depends upon platform firmware
Windows 8.1 for 32-bit Systems The security update addresses the vulnerability by revoking affected boot policies in the firmware. The revocation protection level depends upon platform firmware
Further information on this exploit is available at : MS16-140
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Affected Software
Windows 8.1 for 32-bit SystemsWindows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2