This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote host is affected by a security bypass vulnerability.
The remote Windows host is missing a security update. It is,
therefore, affected by a security bypass vulnerability in the Secure
Boot component due to improperly applying an affected policy. An
attacker who has either administrative privileges or access to the
host can exploit this issue, via installing a crafted policy, to
disable code integrity checks, thus allowing test-signed executables
and drivers to be loaded on the target host. Moreover, the attacker
can exploit this issue to bypass the Secure Boot integrity validation
for BitLocker and the device encryption security features.
See also :
Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1,
2012 R2, and 10
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 6.7
Public Exploit Available : false