This article describes the protection against the publicly disclosed Secure Boot security feature bypass that uses the BlackLotus UEFI bootkit tracked by CVE-2023-24932, how to enable the mitigations, and guidance on bootable media.

An attacker who successfully exploited the vulnerability might bypass secure boot and load untrusted software. This security update addresses the vulnerability by adding the signatures of the known vulnerable UEFI modules to the DBX. To learn more about this security vulnerability, see the following advisory:

Microsoft generally releases the MSRT on a monthly cadence as part of Windows Update or as a standalone tool. (For exceptions, see Skipped releases.)Use this tool to find and remove specific prevalent threats and reverse the changes that they made (see Covered malware families).For comprehensive malware detection and removal, consider using Windows Defender Offline or Microsoft Safety Scanner.

Introduction. Microsoft has developed a sample PowerShell script that can help you automate updating the Windows Recovery Environment (WinRE) on deployed devices to address the security vulnerabilities in CVE-2024-20666. Sample PowerShell script.

Cumulative Update 23 for Microsoft Exchange Server 2016 was released on April 20, 2022. It includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later cumulative updates for Exchange Server 2016 .

Windows 10. Summary. This update includes a new user interface (UI) functionality for Windows Update in Windows. Important: If your device is out of support, it is no longer receiving security updates from Microsoft and may become more vulnerable to security risks and viruses.

An update is available for all Active Directory Rights Management Services (AD RMS) clients. This update prevents you from receiving error messages that are related to the application manifest expiry feature of the AD RMS clients. This fix is also necessary for Windows Rights Management clients.

Windows 10 Windows 11. Summary. Microsoft Update Health Tools is offered to devices through Windows Update as update KB4023057. This update is applicable for both Windows consumer and commercial devices, with a slightly different purpose and functionality.

This article describes an update that adds Microsoft Hyper-V integration components (integration services) to Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Server 2008 R2, or Windows Server 2008. Before you install this update, see the Prerequisites section.

This setting requires the installation of Windows updates released on or after March 14, 2023, on ALL member computers and domain controllers. Updates released on and after March 14, 2023 and September 12, 2023, will provide additional options for affected customers on Windows Server 2012 R2 and above and all supported clients.