MS16-100: Security Update for Secure Boot (3179577)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a security bypass
vulnerability.

Description :

The remote Windows host is missing a security update. It is,
therefore, affected by a security bypass vulnerability in Secure Boot
due to improper handling of malicious boot managers. An attacker with
administrative privileges can exploit this vulnerability to bypass
code integrity checks and load test-signed executables and drivers.

See also :

https://technet.microsoft.com/library/security/MS16-100

Solution :

Microsoft has released a set of patches for Windows 2012, 8.1, RT 8.1,
2012 R2, and 10. Alternatively, as a workaround, configure BitLocker
to use Trusted Platform Module (TPM)+PIN protection or disable Secure
Boot integrity protection of BitLocker per the vendor advisory.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 92822 ()

Bugtraq ID: 92304

CVE ID: CVE-2016-3320

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now