Impact of Secure Boot Security Feature Bypass Vulnerability CVE-2023-24932 on Backup Exec


Article ID: 100063322


Description

Error Message

N/A

 

Cause

A vulnerability was found in Microsoft Windows and classified as Important.

To exploit the vulnerability, an attacker who has physical access or administrative rights to a target device could install an affected boot policy. An attacker who successfully exploited this vulnerability could bypass Secure Boot.
 

Secure Boot Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932
https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d

 

Resolution

Create the Simplified Disaster Recovery (SDR) boot media (.ISO) after installing the latest Windows Update.

With a fresh SDR ISO, customers would be safe from the vulnerability.

Step by step guide for Simplified Disaster Recovery (SDR) with Backup Exec
https://www.veritas.com/support/en_US/article.100033528

 

If the SDR ISO cannot be created for any reason, customers may need to disable the Secure Boot option and recover the system. After a successful recovery, re-enable the Secure Boot option.
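
A quick check for the two conditions in this Resolution, as an added example rather than Veritas or Microsoft code: it compares the SDR ISO's timestamp with the most recent installed Windows update and reports the current Secure Boot state. The `$IsoPath` parameter and the verdict strings are assumptions; `Get-HotFix` records only an install date, so a same-day ISO is reported as ambiguous.

```powershell
# Added example (not Veritas or Microsoft code). $IsoPath is a hypothetical
# parameter: the location of the SDR ISO created by Backup Exec.
param(
    [Parameter(Mandatory)]
    [string]$IsoPath
)

# Secure Boot state. Confirm-SecureBootUEFI needs an elevated session and
# fails on non-UEFI firmware, so any error is reported instead of hidden.
try {
    $secureBoot = if (Confirm-SecureBootUEFI -ErrorAction Stop) { 'Enabled' } else { 'Disabled' }
}
catch {
    $secureBoot = "Unknown: $($_.Exception.Message)"
}

# Most recent installed update. Entries without an InstalledOn value are skipped.
$lastUpdate = Get-HotFix |
    Where-Object { $_.InstalledOn } |
    Sort-Object -Property InstalledOn -Descending |
    Select-Object -First 1

$iso = Get-Item -LiteralPath $IsoPath -ErrorAction Stop

# InstalledOn carries a date only, so compare calendar days and treat a
# same-day ISO as ambiguous rather than guessing the order of events.
if (-not $lastUpdate) {
    $verdict = 'Unknown: no dated update found'
}
elseif ($iso.LastWriteTime.Date -gt $lastUpdate.InstalledOn.Date) {
    $verdict = 'ISO is newer than the latest update'
}
elseif ($iso.LastWriteTime.Date -eq $lastUpdate.InstalledOn.Date) {
    $verdict = 'Ambiguous: ISO and update share a date, recreate to be sure'
}
else {
    $verdict = 'Stale: recreate the SDR ISO'
}

[pscustomobject]@{
    SecureBoot   = $secureBoot
    LatestUpdate = $lastUpdate.HotFixID
    UpdateDate   = $lastUpdate.InstalledOn
    IsoWritten   = $iso.LastWriteTime
    IsoVerdict   = $verdict
}
```

The date comparison is a heuristic: it shows that the ISO was written after the update was installed, not which boot manager the ISO contains. Run it again after a recovery performed with Secure Boot disabled to confirm the option has been turned back on.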

 

Issue/Introduction

Vulnerability CVE-2023-24932 has been reported against Microsoft Windows.