Is there another fix KB for the Secure Boothole vulnerability?

marshan32 35 Reputation points
2023-04-03T09:26:24.7133333+00:00

A few months back, KB5012170 was released to fix a vulnerability in Windows Security Feature Bypass in Secure Boot (BootHole). We've installed this fix KB via SCCM and Powershell and confirmed that it is actually installed. However, Tenable is still detecting that the device is vulnerable as it sees the KB is "missing". We have tried to remove and re-install it but Tenable scan result is still the same. Any suggestion on how to properly install this fix KB?

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,975 questions
{count} votes

Accepted answer
  1. Reza-Ameri 17,011 Reputation points
    2023-04-03T15:59:29.3766667+00:00

    It might be a false-positive and you will need to check with their support.


1 additional answer

Sort by: Most helpful
  1. Otha 0 Reputation points
    2023-05-01T18:32:48.7333333+00:00

    There's a new UEFI revocation file (March 2023) and I think that's what's causing the BootHole vulnerability to re-appear. I downloaded it and split it using the DBX split script and ran the Set-SecureBootUefi command against the output and that fixed the vulnerability for me. However, I expect BootHole will appear again once a new UEFI revocation file is posted...I was hoping the fix Microsoft posted would be a permanent one but apparently not...


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.