{"id":4784,"date":"2024-01-19T05:01:34","date_gmt":"2024-01-18T20:01:34","guid":{"rendered":"https:\/\/m365jp.tk\/?p=4784"},"modified":"2024-01-19T05:06:45","modified_gmt":"2024-01-18T20:06:45","slug":"mc708249-reminder-changes-to-windows-boot-manager-revocations-for-secure-boot-effective-april-9-2024","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2024-01-19-mc708249-reminder-changes-to-windows-boot-manager-revocations-for-secure-boot-effective-april-9-2024","title":{"rendered":"MC708249 | Reminder: Changes to Windows Boot Manager revocations for Secure Boot effective April 9, 2024"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">MC708249 | Reminder: Changes to Windows Boot Manager revocations for Secure Boot effective April 9, 2024<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Classification<\/th>\n<td>planForChange<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>01\/18\/2024 19:37:02<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>01\/18\/2024 19:37:01<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>04\/09\/2025 15:00:00<\/td>\n<\/tr>\n<tr>\n<th>Action Required By Date<\/th>\n<td>2024-04-09T15:00:00Z<\/td>\n<\/tr>\n<tr>\n<th>Message Content<\/th>\n<td>\n<div>Windows updates released July 11, 2023 and later include security measures which protect against a Secure Boot bypass vulnerability disclosed in  <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24932\" rel=\"noopener noreferrer\" target=\"_blank\">  CVE-2023-24932<\/a>. <a href=\"https:\/\/learn.microsoft.com\/windows\/security\/operating-system-security\/system-security\/trusted-boot\" rel=\"noopener noreferrer\" target=\"_blank\">  Secure Boot<\/a> is a Windows security feature designed to protect devices from bootkit malware.<\/div>\n<div>  <\/div>\n<div>Windows security updates include options to manually enable protections against Secure Boot bypass beginning July 11, 2023. Enforcement and deployment phases for these protections are coming with updates being released on April 9, 2024, and throughout   2024. For detailed information, see <a href=\"https:\/\/support.microsoft.com\/help\/5025885\" rel=\"noopener noreferrer\" target=\"_blank\">  KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932<\/a>.<\/div>\n<div>  <\/div>\n<div><b>When will this happen:<\/b><\/div>\n<div>  <\/div>\n<div>April 9, 2024 or later &#8211; Third Deployment Phase<\/div>\n<ul>\n<li>Windows updates released on and after this date will provide new mitigations to block additional vulnerable boot managers.<\/li>\n<\/ul>\n<div>  <\/div>\n<div>October 8, 2024 or later &#8211; Mandatory Enforcement Phase<\/div>\n<ul>\n<li>Windows updates released on and after this date which are installed to affected systems will enforce the Code Integrity Boot policy and Secure Boot disallow list revocations related to this hardening. There will be no option to disable this enforcement   after this update.<\/li>\n<\/ul>\n<div>  <\/div>\n<div>The Mandatory Enforcement Phase described above is the final phase of these security hardening measures.<\/div>\n<div>  <\/div>\n<div><b>What you need to do to prepare:<\/b><\/div>\n<div>Administrators should determine whether it&#8217;s important to enable protections now or wait for a future update from Microsoft. It&#8217;s also important to understand the options available for configuring these security requirements in your environment. See the   resources available in the Additional information section below.<\/div>\n<div>  <\/div>\n<div><b>Additional information:<\/b><\/div>\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/help\/5025885\" rel=\"noopener noreferrer\" target=\"_blank\">KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932<\/a> | Microsoft support<\/li>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24932\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2023-24932: Secure Boot Security Feature Bypass Vulnerability<\/a>, released May 9, 2023<\/li>\n<li><a href=\"https:\/\/learn.microsoft.com\/windows\/security\/operating-system-security\/system-security\/trusted-boot\" rel=\"noopener noreferrer\" target=\"_blank\">Secure Boot and Trusted Boot<\/a> | Microsoft Learn<\/li>\n<li><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2023\/04\/11\/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign\/\" rel=\"noopener noreferrer\" target=\"_blank\">Guidance for investigating attacks using CVE-2022-21894: The BlackLotus   campaign<\/a> | Microsoft Security Blog<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td>\n<div>2023 \u5e74 7 \u6708 11 \u65e5\u4ee5\u964d\u306b\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u305f Windows \u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306b\u306f\u3001 <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24932\" rel=\"noopener noreferrer\" target=\"_blank\">  CVE-2023-24932<\/a> \u3067\u958b\u793a\u3055\u308c\u305f\u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8 \u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027\u304b\u3089\u4fdd\u8b77\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002 <a href=\"https:\/\/learn.microsoft.com\/windows\/security\/operating-system-security\/system-security\/trusted-boot\" rel=\"noopener noreferrer\" target=\"_blank\">  \u30bb\u30ad\u30e5\u30a2<\/a> \u30d6\u30fc\u30c8\u306f\u3001\u30d6\u30fc\u30c8\u30ad\u30c3\u30c8 \u30de\u30eb\u30a6\u30a7\u30a2\u304b\u3089\u30c7\u30d0\u30a4\u30b9\u3092\u4fdd\u8b77\u3059\u308b\u305f\u3081\u306b\u8a2d\u8a08\u3055\u308c\u305f Windows \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u3067\u3059\u3002<\/div>\n<div>  <\/div>\n<div>Windows \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306b\u306f\u30012023 \u5e74 7 \u6708 11 \u65e5\u4ee5\u964d\u3001\u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8 \u30d0\u30a4\u30d1\u30b9\u306b\u5bfe\u3059\u308b\u4fdd\u8b77\u3092\u624b\u52d5\u3067\u6709\u52b9\u306b\u3059\u308b\u30aa\u30d7\u30b7\u30e7\u30f3\u304c\u542b\u307e\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u308c\u3089\u306e\u4fdd\u8b77\u306e\u9069\u7528\u3068\u5c55\u958b\u306e\u30d5\u30a7\u30fc\u30ba\u306f\u30012024 \u5e74 4 \u6708 9 \u65e5\u306b\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u30012024 \u5e74\u4e2d\u306b\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u307e\u3059\u3002\u8a73\u7d30\u306b\u3064\u3044\u3066\u306f\u3001\u300c  <a href=\"https:\/\/support.microsoft.com\/help\/5025885\" rel=\"noopener noreferrer\" target=\"_blank\">  KB5025885: CVE-2023-24932 \u306b\u95a2\u9023\u3059\u308b\u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8\u306e\u5909\u66f4\u306b\u5bfe\u3059\u308b Windows \u30d6\u30fc\u30c8 \u30de\u30cd\u30fc\u30b8\u30e3\u30fc\u306e\u5931\u52b9\u3092\u7ba1\u7406\u3059\u308b\u65b9\u6cd5<\/a>\u300d\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/div>\n<div>  <\/div>\n<div><b>\u3053\u308c\u306f\u3044\u3064\u767a\u751f\u3057\u307e\u3059\u304b:<\/b><\/div>\n<div>  <\/div>\n<div>2024 \u5e74 4 \u6708 9 \u65e5\u4ee5\u964d &#8211; \u7b2c 3 \u5c55\u958b\u30d5\u30a7\u30fc\u30ba<\/div>\n<ul>\n<li>\u3053\u306e\u65e5\u4ee5\u964d\u306b\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u305f Windows \u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306f\u3001\u8ffd\u52a0\u306e\u8106\u5f31\u306a\u30d6\u30fc\u30c8 \u30de\u30cd\u30fc\u30b8\u30e3\u30fc\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b\u305f\u3081\u306e\u65b0\u3057\u3044\u8efd\u6e1b\u7b56\u3092\u63d0\u4f9b\u3057\u307e\u3059\u3002<\/li>\n<\/ul>\n<div>  <\/div>\n<div>2024 \u5e74 10 \u6708 8 \u65e5\u4ee5\u964d &#8211; \u5f37\u5236\u9069\u7528\u30d5\u30a7\u30fc\u30ba<\/div>\n<ul>\n<li>\u3053\u306e\u65e5\u4ed8\u4ee5\u964d\u306b\u30ea\u30ea\u30fc\u30b9\u3055\u308c\u3001\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30b7\u30b9\u30c6\u30e0\u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u308b Windows \u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306f\u3001\u3053\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u306b\u95a2\u9023\u3059\u308b\u30b3\u30fc\u30c9\u6574\u5408\u6027\u30d6\u30fc\u30c8 \u30dd\u30ea\u30b7\u30fc\u3068\u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8\u7981\u6b62\u4e00\u89a7\u306e\u5931\u52b9\u3092\u9069\u7528\u3057\u307e\u3059\u3002\u3053\u306e\u66f4\u65b0\u5f8c\u3001\u3053\u306e\u5f37\u5236\u3092\u7121\u52b9\u306b\u3059\u308b\u30aa\u30d7\u30b7\u30e7\u30f3\u306f\u3042\u308a\u307e\u305b\u3093\u3002<\/li>\n<\/ul>\n<div>  <\/div>\n<div>\u4e0a\u8a18\u306e\u5f37\u5236\u9069\u7528\u30d5\u30a7\u30fc\u30ba\u306f\u3001\u3053\u308c\u3089\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5f37\u5316\u5bfe\u7b56\u306e\u6700\u7d42\u30d5\u30a7\u30fc\u30ba\u3067\u3059\u3002<\/div>\n<div>  <\/div>\n<div><b>\u6e96\u5099\u306b\u5fc5\u8981\u306a\u3053\u3068:<\/b><\/div>\n<div>\u7ba1\u7406\u8005\u306f\u3001\u4fdd\u8b77\u3092\u4eca\u3059\u3050\u6709\u52b9\u306b\u3059\u308b\u304b\u3001Microsoft \u304b\u3089\u306e\u5c06\u6765\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u5f85\u3064\u3053\u3068\u304c\u91cd\u8981\u304b\u3092\u5224\u65ad\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u307e\u305f\u3001\u74b0\u5883\u5185\u3067\u3053\u308c\u3089\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8981\u4ef6\u3092\u69cb\u6210\u3059\u308b\u305f\u3081\u306b\u4f7f\u7528\u3067\u304d\u308b\u30aa\u30d7\u30b7\u30e7\u30f3\u3092\u7406\u89e3\u3059\u308b\u3053\u3068\u3082\u91cd\u8981\u3067\u3059\u3002\u4ee5\u4e0b\u306e\u300c\u8ffd\u52a0\u60c5\u5831\u300d\u30bb\u30af\u30b7\u30e7\u30f3\u3067\u5165\u624b\u53ef\u80fd\u306a\u30ea\u30bd\u30fc\u30b9\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/div>\n<div>  <\/div>\n<div><b>\u8ffd\u52a0\u60c5\u5831:<\/b><\/div>\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/help\/5025885\" rel=\"noopener noreferrer\" target=\"_blank\">KB5025885: CVE-2023-24932 \u306b\u95a2\u9023\u3059\u308b\u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8\u306e\u5909\u66f4\u306b\u5bfe\u3059\u308b Windows \u30d6\u30fc\u30c8 \u30de\u30cd\u30fc\u30b8\u30e3\u30fc\u306e\u5931\u52b9\u3092\u7ba1\u7406\u3059\u308b\u65b9\u6cd5<\/a> |Microsoft \u30b5\u30dd\u30fc\u30c8<\/li>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-24932\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2023-24932: \u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8 \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u30d0\u30a4\u30d1\u30b9\u306e\u8106\u5f31\u6027<\/a>\u30012023 \u5e74 5 \u6708 9 \u65e5\u30ea\u30ea\u30fc\u30b9<\/li>\n<li><a href=\"https:\/\/learn.microsoft.com\/windows\/security\/operating-system-security\/system-security\/trusted-boot\" rel=\"noopener noreferrer\" target=\"_blank\">\u30bb\u30ad\u30e5\u30a2 \u30d6\u30fc\u30c8\u3068\u30c8\u30e9\u30b9\u30c6\u30c3\u30c9 \u30d6\u30fc\u30c8<\/a> |Microsoft Learn<\/li>\n<li><a href=\"https:\/\/www.microsoft.com\/security\/blog\/2023\/04\/11\/guidance-for-investigating-attacks-using-cve-2022-21894-the-blacklotus-campaign\/\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2022-21894 \u3092\u4f7f\u7528\u3057\u305f\u653b\u6483\u3092\u8abf\u67fb\u3059\u308b\u305f\u3081\u306e\u30ac\u30a4\u30c0\u30f3\u30b9: BlackLotus \u30ad\u30e3\u30f3\u30da\u30fc\u30f3<\/a> |Microsoft   \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30d6\u30ed\u30b0<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MC708249 | Reminder: Changes to Windows Boot Manager revocations for Secure Boot effective April 9, 2024 Class [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4784","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/4784","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=4784"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/4784\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=4784"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=4784"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=4784"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}