mirror of
https://github.com/TommyTran732/Windows-Setup.git
synced 2024-11-23 00:21:43 -05:00
Compare commits
2 Commits
c5cb1c122c
...
e5323cf69c
Author | SHA1 | Date | |
---|---|---|---|
e5323cf69c | |||
a9c7b9970e |
5
CVE-2023-24932.md
Normal file
5
CVE-2023-24932.md
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# CVE-2023-24932
|
||||||
|
|
||||||
|
This needs manual configuration to mitigate.
|
||||||
|
|
||||||
|
https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
|
@ -6,20 +6,4 @@
|
|||||||
|
|
||||||
DisableCoInstallers -> REG_DWORD -> Hexadecimal -> 1
|
DisableCoInstallers -> REG_DWORD -> Hexadecimal -> 1
|
||||||
|
|
||||||
https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
|
https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
|
||||||
|
|
||||||
## CVE-2023-24932
|
|
||||||
|
|
||||||
`HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot`
|
|
||||||
|
|
||||||
AvailableUpdates -> REG_DWORD -> Hexadecimal -> 30
|
|
||||||
|
|
||||||
https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
|
|
||||||
|
|
||||||
## EEA
|
|
||||||
|
|
||||||
`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\DeviceRegion`
|
|
||||||
|
|
||||||
DeviceRegion -> REG_DWORD -> Hexadecimal -> 0000005e
|
|
||||||
|
|
||||||
**NOTE: Changing the region this way does not seem to work regardless of whether I use Create, Update, or Replace. You might need to change the registry by hand or use sysprep. Very annoying.**
|
|
@ -0,0 +1,9 @@
|
|||||||
|
# Registry
|
||||||
|
|
||||||
|
## Skip Device Check
|
||||||
|
|
||||||
|
`HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot`
|
||||||
|
|
||||||
|
SkipDeviceCheck -> REG_DWORD -> Hexadecimal -> 1
|
||||||
|
|
||||||
|
https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
|
Loading…
Reference in New Issue
Block a user