CVE-2023-24932

Name of the Vulnerable Software and Affected Versions Windows versions prior to the fixed version

Description A security-feature bypass vulnerability allows attackers to affect the system. The issue is related to Secure Boot and can be exploited to bypass security mechanisms. It is estimated that many versions of Windows are affected, including the latest builds of Windows 11. The vulnerability can be exploited using a LAN cable and a second notebook, allowing attackers to decrypt the disk.

Recommendations As a temporary workaround, consider updating the Windows Boot Manager revocations for Secure Boot changes. Apply the manual steps required for the updated mitigation included in the April 9 updates. Update the core OS and WinRE before proceeding with the rest of the CVE-2023-24932 remediations. For Windows, update to the latest version that includes the fix for this issue, as provided in the July 9 Patch Tuesday release.