Rapid7 Vulnerability & Exploit Database

MS16-094: Security Update for Secure Boot (3177404)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

MS16-094: Security Update for Secure Boot (3177404)

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
07/12/2016
Created
07/25/2018
Added
07/12/2016
Modified
11/18/2021

Description

A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.

Solution(s)

  • WINDOWS-HOTFIX-MS16-084-22658655-0e69-4d2c-ace5-64d42eeb0e6f
  • WINDOWS-HOTFIX-MS16-084-7f722a3c-887f-41db-ae8a-a0fee28b4ae5
  • WINDOWS-HOTFIX-MS16-084-ac8d2656-7f38-4645-9b76-b43bc0f125bd
  • WINDOWS-HOTFIX-MS16-084-f227a554-3fe1-4e74-af64-0bd89596ca41
  • WINDOWS-HOTFIX-MS16-094-2ba897ac-9e33-4bad-b248-ec8390557b0e
  • WINDOWS-HOTFIX-MS16-094-3325f3b8-fa4a-456a-8049-452c020758f9
  • WINDOWS-HOTFIX-MS16-094-751ab355-b90c-4124-919c-e3a4f51aa2d8
  • WINDOWS-HOTFIX-MS16-094-7df947fe-5043-4812-a7a4-3e02af572979
  • WINDOWS-HOTFIX-MS16-094-d7b1ee04-15d8-4438-bb34-e08094409540
  • WINDOWS-HOTFIX-MS16-094-ed623536-c37c-48d5-8bff-b0adb1ba592a

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;