Secure Boot Security Feature Bypass Vulnerability

ID MS:CVE-2016-3320
Type mscve
Reporter Microsoft
Modified 2016-08-09T07:00:00


A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot manager that is affected by the vulnerability. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded onto a target device. Furthermore, the attacker could bypass Secure Boot Integrity Validation for BitLocker and Device Encryption security features.

To exploit the vulnerability, an attacker who has gained administrative privileges or who has physical access to a target device could install an affected boot manager and then install a policy affected by the vulnerability onto a target device.

The security update addresses the vulnerability by blacklisting affected boot managers.