This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 69%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
Hello,
Microsoft has given guidelines how to detect if your system is affected by this vulnerability. Guide:
"You can do this (detect if your system is vulnerable) by running the following line of PowerShell from an administrative PowerShell session:
[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match 'Microsoft Corporation UEFI CA 2011'
However, nowhere is stated what the PowerShell should return. It would be logical that if you get a match your system IS vulnerable. if I run this code with my computer I only get:
Get-SecureBootUEFI help says: If the variable does not exist, this cmdlet displays the following: Variable is currently undefined.
Could someone clarify? Does this mean my computer is NOT affacted? Also, it would be great if you could update the guide to be more clear.
//LomM
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 16%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHX%3C/text%3E%3C/svg%3E)
Hello,
Thank you so much for posting here.
As you mentioned, the Get-SecureBootUEFI cmdlet gets the UEFI variable values related to Secure Boot which are: SetupMode, SecureBoot, KEK, PK, SignatureDatabase (DB), and forbidden SignatureDatabase (DBX).
If the variable does not exist, this cmdlet displays the following:
Variable is currently undefined.
According to my research, to check whether our PC is vulnerable to BootHole, we could run the command. If we get a return of "True", then our PC is vulnerable. But no more information about this could be found. Nowhere describes what this output (Variable is currently undefined) mean and what could do with this output.
Here are some information we would like to share with you. Hope it could be of some help to you.
https://answers.microsoft.com/en-us/windows/forum/all/microsoft-guidance-for-applying-secure-boot-dbx/d0b9c235-6ed0-4be8-a497-b33eb750d814?auth=1
https://www.tomsguide.com/news/boothole-hack-windows-linux
Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Thank you so much for your understanding and support.
Best regards,
Hannah Xiong
Hello,
This is the logical answer, I hope it's the right one.
-Thank you for your time friend.
Best regards,
LomM