CVE-2023-24932.md

@@ -1,5 +0,0 @@
-# CVE-2023-24932
-
-This needs manual configuration to mitigate.
-
-https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d

Group Policies Objects/Default Domain Policy/Registries.md

@@ -6,4 +6,20 @@
 
 DisableCoInstallers -> REG_DWORD -> Hexadecimal -> 1
 
-https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
+https://www.bleepingcomputer.com/news/microsoft/how-to-block-windows-plug-and-play-auto-installing-insecure-apps/
+
+## CVE-2023-24932
+
+`HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot`
+
+AvailableUpdates -> REG_DWORD -> Hexadecimal -> 30
+
+https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
+
+## EEA
+
+`HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\DeviceRegion`
+
+DeviceRegion -> REG_DWORD -> Hexadecimal -> 0000005e
+
+**NOTE: Changing the region this way does not seem to work regardless of whether I use Create, Update, or Replace. You might need to change the registry by hand or use sysprep. Very annoying.**

Group Policies Objects/Parallels/Black Lotus Skip Device Check.md

@@ -1,9 +0,0 @@
-# Registry
-
-## Skip Device Check
-
-`HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot`
-
-SkipDeviceCheck -> REG_DWORD -> Hexadecimal -> 1
-
-https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d