First published: Tue Apr 09 2024(Updated: )
A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges.
Credit: psirt@lenovo.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows Server 2022, 23H2 Edition | ||
Microsoft Windows 11 | =23H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 11 | =23H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows 11 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 10 | =21H2 |
Concerned customers can follow Microsoft's guidance to apply the April 9, 2024 Windows security updates. Please refer to KB5025885 to enable the latest protections: https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocatio... https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.