New link to black lotus & remove non functional registries

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2024-04-10 02:59:20 -07:00
parent c5cb1c122c
commit a9c7b9970e
Signed by: Tomster
GPG Key ID: 555C902A34EC968F
2 changed files with 6 additions and 17 deletions

5
CVE-2023-24932.md Normal file
View File

@ -0,0 +1,5 @@
# CVE-2023-24932
This needs manual configuration to mitigate.
https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d

View File

@ -6,20 +6,4 @@
DisableCoInstallers -> REG_DWORD -> Hexadecimal -> 1
https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
## CVE-2023-24932
`HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot`
AvailableUpdates -> REG_DWORD -> Hexadecimal -> 30
https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
## EEA
`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\DeviceRegion`
DeviceRegion -> REG_DWORD -> Hexadecimal -> 0000005e
**NOTE: Changing the region this way does not seem to work regardless of whether I use Create, Update, or Replace. You might need to change the registry by hand or use sysprep. Very annoying.**
https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/