| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-094 | Security Update for Secure Boot (3177404) | Windows 8.1 | Important | 13-07-2016 |
Technical Information
Brief overview of the risk:
The vulnerability could allow Secure Boot security features to be bypassed if an attacker installs an affected policy on a target device. An attacker must have either administrative privileges or physical access to install a policy and bypass Secure Boot.
Detailed Information on the risk:
A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.
Windows 8.1 for 32-bit Systems Further information on this exploit is available at : MS16-094
Windows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Affected Software
Windows 8.1 for 32-bit SystemsWindows 8.1 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows Server 2012
Windows Server 2012 R2