KB5012170: Microsoft August Patch Tuesday fixes important Secure Boot GRUB vulnerability


Microsoft released the Patch Tuesday, or Update Tuesday, for the month of August a few days ago. You can find our coverage here:

In this month's Patch, the Redmond firm also issued an important fix related to the Secure Boot DBX with its KB5012170 update.

For those unaware, the Secure Boot Forbidden Signature Database, or DBX, is basically a block-list of UEFI executables that have been found to be bad. The latest KB5012170 update adds the signatures of the known vulnerable UEFI modules to the DBX, meaning they will no longer be able to run after this update. The signatures this time are related to the GRand Unified Boot Loader (GRUB) vulnerability, also known as BootHole.

The official Microsoft bulletin explains how the attack works:

Microsoft is aware of a vulnerability in the GRand Unified Boot Loader (GRUB), commonly used by Linux. This vulnerability, known as “There’s a Hole in the Boot”, could allow for Secure Boot bypass.

To exploit this vulnerability, an attacker would need to have administrative privileges or physical access on a system where Secure Boot is configured to trust the Microsoft Unified Extensible Firmware Interface (UEFI) Certificate Authority (CA). The attacker could install an affected GRUB and run arbitrary boot code on the target machine. After successfully exploiting this vulnerability, the attacker could disable further code integrity checks thereby allowing arbitrary executables and drivers to be loaded onto the target machine.


Update: August 9, 2022

Microsoft has released standalone security update 5012170 to provide protection against the vulnerabilities described in this advisory.

The update is applicable to the following Windows versions:

  • Windows Server 2012
  • Windows 8.1 and Windows Server 2012 R2
  • Windows 10, version 1507
  • Windows 10, version 1607 and Windows Server 2016
  • Windows 10, version 1809 and Windows Server 2019
  • Windows 10, version 20H2
  • Windows 10, version 21H1
  • Windows 10, version 21H2
  • Windows Server 2022
  • Windows 11, version 21H2 (original release)
  • Azure Stack HCI, version 1809
  • Azure Stack Data Box, version 1809 (ASDB)

The download is available via Windows Update as part of the Patch Tuesday package, but you can also get the standalone update from the Microsoft Update Catalog website here. You can find more information in the official support article here.
