MS16-140: Security Update for Boot Manager (3193479)
High Nessus Plugin ID 94641
SynopsisThe remote host is affected by a security bypass vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected a security bypass vulnerability in Windows Secure Boot due to the use of an insecure boot policy in firmware. A local attacker can exploit this issue to disable code integrity checks, allowing test-signed executables and drivers to be loaded onto a target device.
SolutionMicrosoft has released a set of patches for Windows 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016.