It might be a false-positive and you will need to check with their support.
Is there another fix KB for the Secure Boothole vulnerability?
A few months back, KB5012170 was released to fix a vulnerability in Windows Security Feature Bypass in Secure Boot (BootHole). We've installed this fix KB via SCCM and Powershell and confirmed that it is actually installed. However, Tenable is still detecting that the device is vulnerable as it sees the KB is "missing". We have tried to remove and re-install it but Tenable scan result is still the same. Any suggestion on how to properly install this fix KB?
1 additional answer
Sort by: Most helpful
-
Otha 0 Reputation points
2023-05-01T18:32:48.7333333+00:00 There's a new UEFI revocation file (March 2023) and I think that's what's causing the BootHole vulnerability to re-appear. I downloaded it and split it using the DBX split script and ran the Set-SecureBootUefi command against the output and that fixed the vulnerability for me. However, I expect BootHole will appear again once a new UEFI revocation file is posted...I was hoping the fix Microsoft posted would be a permanent one but apparently not...