MS16-094: Security Update for Secure Boot (3177404)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a security bypass vulnerability.

Description :

The remote Windows host is missing a security update. It is,
therefore, affected by a security bypass vulnerability in the Secure
Boot component due to improperly applying an affected policy. An
attacker who has either administrative privileges or access to the
host can exploit this issue, via installing a crafted policy, to
disable code integrity checks, thus allowing test-signed executables
and drivers to be loaded on the target host. Moreover, the attacker
can exploit this issue to bypass the Secure Boot integrity validation
for BitLocker and the device encryption security features.

See also :

https://technet.microsoft.com/library/security/MS16-094

Solution :

Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1,
2012 R2, and 10

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 92025 ()

Bugtraq ID: 91604

CVE ID: CVE-2016-3287

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now