MS16-100: Security Update for Secure Boot (3179577)
High Nessus Plugin ID 92822
SynopsisThe remote Windows host is affected by a security bypass vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by a security bypass vulnerability in Secure Boot due to improper handling of malicious boot managers. An attacker with administrative privileges can exploit this vulnerability to bypass code integrity checks and load test-signed executables and drivers.
SolutionMicrosoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, and 10. Alternatively, as a workaround, configure BitLocker to use Trusted Platform Module (TPM)+PIN protection or disable Secure Boot integrity protection of BitLocker per the vendor advisory.