Additional guidance for devices using Secure Boot to address CVE-2023-24932

hsehestedt · May 15, 2023

Yeahoww said:
KB5025885 isn’t the name of the actual update right? On Windows 11 OS Build 22621.1702 all I see is: KB5026372. Is that the one?

Correct. KB5026372 is the May 9 2023 update, while KB505885 is the guidance on how to manage the revocations for the secure boot changes included with KB5026372.

neves · May 15, 2023

Haydon said:
Applying the convoluted fix can do harm

The 'additional guidance' is not enough

MS should automate the fix with a WU

That was/is very easy to do (could have done it with the last update). And if every Windows System worked like XBOX (or OSX and Apple's way of doing/limiting things) - everyone will have this automated patch right away. Yet... that's far from the case. The thing is - applying the patch with the released update - could lead to another huge cascade of complaints. As they stated in that article - they do intend to release an automated process in 2024. Which is basically like saying - you have till 2024 to get your rubbish together.

For example: let's say the patch was automated with last update - and for whatever reason (faulty hardware component - especially the main components - storage unit, CPU or GPU / or the user did something to brake Windows - or let's say Microsoft broke it with a Windows Update) - Windows can't bot properly... "using an external device to boot into Windows "WON'T WORK ANYMORE (since you need to update those too - which is something you should do prior to applying this patches)". So hey, unless you have another System - to create a new boot CD with the patch applied - you're stuck (till you find a someone who can land you their PC or do that for you - or a service a last resort).

glasskuter · May 15, 2023

hsehestedt said:
implication is that the revocations are stored permanently somewhere,

I read where these revocations are stored in a portion of flash memory in firmware but supposedly separate from UEFI bios. I've read so much I can't find it right now but will post back when I do. This is what alarmed me. I have always been under the impression the firmware was separate and apart from MS

neves · May 15, 2023

hsehestedt said:
You are not being obtuse at all! I have to admit that I too have questions about how this works.

So, what I do understand is that when you apply the revocations, you are actually making changes to the EFI partition. But that leaves some outstanding questions in my mind...

When you install Windows from scratch, what actually creates the EFI partition? I thought that it was Windows. The Microsoft KB says that even reformatting the disk will not remove the revocations but I'm trying to understand how that can be. The implication is that the revocations are stored permanently somewhere, but where exactly is that? I'm sure that Microsoft isn't flashing the BIOS on every system, so I'd like a better understanding of how this works. If you wipe the disk and recreate the EFI partition, where is it pulling the revocation information from?

Bottom line is that I too am still trying to fully understand this.

It is Windows (who creates it). It's quite likely - for that to be a referral to Windows partitioning tools. I mean, even if you do a fresh "reinstall" of Windows - and format the HDD during the partitioning step - the EFI partition doesn't/won't show up (same goes for the OEM recovery partition). Tho, you can still delete/remove it while installing a Linux Distro and use GRUB instead. Maybe then, you can actually reinstall Windows even with Secure Boot Enabled.

HRPuffnstuff · May 15, 2023

Yeahoww said:
I did not disable SecureBoot before this and I find no mention of doing so in the instructions from Microsoft?

I know I read it but now I don't see it in the MS instructions. I do see their message about not deleting the EFI partition once this update has been applied.

What happens if you want to clean install on a new drive?

MiguelAngel11 · May 15, 2023

I didn't disabled SecureBoot in the revocations

Marcus Vinicus · May 15, 2023

I've read the MS official documentation on this several times and plenty of other stuff from non MS tech and security blogs.
For these reasons I'm not going to do anything about this other than keep a watching brief on how MS are handling this.

On Microsoft's exploitability index this rates at the second lowest risk level of 'exploitation less likely'.
Physical access to the computer system is needed. I'm the only person who has such access to my two computers.
On the HP laptop I'll follow whatever HP do re how they're going to handle this by way of software\firmware updates.
With my new desktop PC I've spent many hours over the last month getting it stable and am simply not willing to make further changes to the UEFI bios and Windows currently.

Some of the information I read and reviewed.

Security Update Guide - Microsoft Security Response Center

msrc.microsoft.com

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

support.microsoft.com

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1

Steve C · May 16, 2023

Marcus Vinicus said:
I've read the MS official documentation on this several times and plenty of other stuff from non MS tech and security blogs.
For these reasons I'm not going to do anything about this other than keep a watching brief on how MS are handling this.

On Microsoft's exploitability index this rates at the second lowest risk level of 'exploitation less likely'.

Physical access to the computer system is needed. I'm the only person who has such access to my two computers.

On the HP laptop I'll follow whatever HP do re how they're going to handle this by way of software\firmware updates.

With my new desktop PC I've spent many hours over the last month getting it stable and am simply not willing to make further changes to the UEFI bios and Windows currently.

Some of the information I read and reviewed.

Security Update Guide - Microsoft Security Response Center

msrc.microsoft.com

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

support.microsoft.com

elf

https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1

I agree and intend to do nothing myself

milkturnipsbage · May 16, 2023

HRPuffnstuff said:
I know I read it but now I don't see it in the MS instructions. I do see their message about not deleting the EFI partition once this update has been applied.

What happens if you want to clean install on a new drive?

I have no idea how this fix could survive a clean install. If I boot from a USB and reinstall windows on the drive, shouldn't the EFI partition among everything else just get deleted?

Does something get written to the BIOS?

Scott · May 16, 2023

Yeahoww said:
Does something get written to the BIOS?

While Windows is running I don't see how...maybe it happens during the restart?

HRPuffnstuff · May 16, 2023

Okay I went ahead and did it on my desktop w/o disabling SB and the time requirement afterwards is a must for it to appear in the log. At first I didn't see it but a little while later and it appeared. I'll apply it to my laptop later today.

neves · May 16, 2023

Yeahoww said:
I have no idea how this fix could survive a clean install. If I boot from a USB and reinstall windows on the drive, shouldn't the EFI partition among everything else just get deleted?

Does something get written to the BIOS?

No, it won't get deleted (since there's no need for that - not if you intend to use Windows again). You'll need 3rd party tools or a different OS to be able to delete it afterwards (for example - if you intended to switch to Linux and completely remove Windows and the EFI partition from the storage unit).

No.

glasskuter · May 16, 2023

I ran across bleepingcomputer's VERY detailed explanation of Block Lotus and how it attacks. Some of you may understand but it makes me feel like a I'm a bleepingidiot. I also read on Hackernews that this SOB is so advanced, it also features geofencing capabilities to avoid infecting computers in Armenia, Belarus, Kazakhstan, Moldova, Romania, Russia, and Ukraine.
Regarding the latter, one would think it could be a valuable tool for Putin to use in his war but maybe the code was written before the war started.
Some of you with bigger minds than mine see if you understand this.

BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11

The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infect even fully patched Windows 11 systems.

www.bleepingcomputer.com

milkturnipsbage · May 16, 2023

neves said:
No, it won't get deleted (since there's no need for that - not if you intend to use Windows again). You'll need 3rd party tools or a different OS to be able to delete it afterwards (for example - if you intended to switch to Linux and completely remove Windows and the EFI partition from the storage unit).

No.

That clears that up, thank you!

glasskuter · May 16, 2023

@hsehestedt I FOUND IT! The bit about these revocations being stored in UEFI firmware was right here under my nose all along. (The very last statement I put in italics is a who-dun-it if I ever read one.)

KB5027455: Guidance for blocking vulnerable Windows boot managers

More information
One method of blocking vulnerable EFI application binaries from being loaded by the firmware is to add hashes of the vulnerable applications to the UEFI Forbidden List (DBX). The DBX list is stored in the devices firmware managed flash. The limitation of this blocking method is the limited firmware flash memory available to store the DBX. Because of this limitation and the large number of boot managers that must be blocked (Windows boot managers from the past 10+ years), relying entirely on the DBX for this issue is not possible.

For this issue, we have chosen a hybrid method of blocking the vulnerable boot managers. Only a few boot managers that released in earlier versions of Windows will be added to the DBX. For Windows 10 and later versions, a Windows Defender Application Control (WDAC) policy will be used that blocks vulnerable Windows boot managers. When the policy is applied to a Windows system, the boot manager will “lock” the policy to the system by adding a variable to the UEFI firmware. Windows boot managers will honor the policy and the UEFI lock. If the UEFI lock is in place and the policy has been removed, the Windows boot manager will not start. If the policy is in place, the boot manager will not start if it has been blocked by the policy.

Sigh...I'm of the mind that if I don't have at least a little understanding of what's going on in my PC, I don't need to own one.

TheVisitor · May 16, 2023

This scares me, I'm not doing anything, will wait for MS to get fixes out.

hsehestedt · May 16, 2023

@glasskuter - that is absolutely fantastic. That was a great find.

Now, the one detail that I wish Microsoft would publish is when various updated components will be released. I already have updated Win 10 and 11 images, but one other item that I really want in an updated Win PE add-on for the Windows ADK.

Once I have that I'll be ready to charge full steam ahead deploying this to all my systems

.

Not having an updated Win PE technically should not stop me, but it would make me feel a little bit better because I have a number of items that rely upon Win PE bootable media including some of my own creations