Microsoft Secure Boot Security 0-Day Lets Attackers Steal The Admin Credentials
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
A significant security vulnerability, identified as CVE-2023-24932, has been discovered in Microsoft’s Secure Boot feature.
This vulnerability allows attackers to bypass Secure Boot, potentially leading to the theft of admin credentials. The vulnerability was first disclosed on May 9, 2023, and has been updated as recently as February 11, 2025.
CVE-2023-24932 is classified as a Security Feature Bypass vulnerability with a CVSS score of 6.7 (Base) and 6.2 (Temporal).
The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C.
This indicates that the vulnerability requires high privileges (PR:H) to exploit, meaning an attacker must have administrative rights or physical access to the device.
Researchers at Microsoft detected that to exploit this vulnerability, an attacker can install an affected boot policy, which could allow them to bypass Secure Boot protections.
Secure Boot is a critical security feature designed to ensure that only authorized firmware and operating systems can run on a device, preventing malicious code from executing during the boot process.
Impact and Mitigation
The vulnerability affects various versions of Windows, including Windows 11 and Windows Server 2022. Microsoft has released security updates to address this issue, but additional steps are required to fully mitigate the vulnerability.
For Windows 11 Version 23H2 and Windows Server 2022, 23H2 Edition, users must manually enable the protections.
In February 2025, Microsoft continued to address this vulnerability with additional updates.
Users are advised to install the latest security patches and follow the guidelines provided by Microsoft as to ensure their systems are protected, as the flaw has been already fixed at Feb update.
The CVE-2023-24932 vulnerability shows the importance of keeping systems updated and ensuring that security features like Secure Boot are properly configured.
Users should take proactive steps to enable the necessary protections and stay informed about the latest security updates to safeguard their devices against potential threats.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Microsoft Secure Boot Security 0-Day Lets Attackers Steal The Admin Credentials
Author: Tushar Subhra DuttaA significant security vulnerability, identified as CVE-2023-24932, has been discovered in Microsoft’s Secure Boot feature.
This vulnerability allows attackers to bypass Secure Boot, potentially leading to the theft of admin credentials. The vulnerability was first disclosed on May 9, 2023, and has been updated as recently as February 11, 2025.
CVE-2023-24932 is classified as a Security Feature Bypass vulnerability with a CVSS score of 6.7 (Base) and 6.2 (Temporal).
The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C.
This indicates that the vulnerability requires high privileges (PR:H) to exploit, meaning an attacker must have administrative rights or physical access to the device.
Researchers at Microsoft detected that to exploit this vulnerability, an attacker can install an affected boot policy, which could allow them to bypass Secure Boot protections.
Secure Boot is a critical security feature designed to ensure that only authorized firmware and operating systems can run on a device, preventing malicious code from executing during the boot process.
Impact and Mitigation
The vulnerability affects various versions of Windows, including Windows 11 and Windows Server 2022. Microsoft has released security updates to address this issue, but additional steps are required to fully mitigate the vulnerability.
For Windows 11 Version 23H2 and Windows Server 2022, 23H2 Edition, users must manually enable the protections.
In February 2025, Microsoft continued to address this vulnerability with additional updates.
Users are advised to install the latest security patches and follow the guidelines provided by Microsoft as to ensure their systems are protected, as the flaw has been already fixed at Feb update.
The CVE-2023-24932 vulnerability shows the importance of keeping systems updated and ensuring that security features like Secure Boot are properly configured.
Users should take proactive steps to enable the necessary protections and stay informed about the latest security updates to safeguard their devices against potential threats.
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
