Applies ToWindows 10 Win 10 IoT Ent LTSB 2016 Windows Server 2016 Windows 10 Enterprise, version 1809 Windows Server 2019 Windows 10 IoT Enterprise, version 21H2 Windows 10 Home and Pro, version 22H2 Windows 10 Enterprise Multi-Session, version 22H2 Windows 10 Enterprise and Education, version 22H2 Windows 10 IoT Enterprise, version 22H2 Windows Server 2022 Azure Local, version 22H2 Windows 11 SE, version 21H2 Windows 11 Home and Pro, version 21H2 Windows 11 Enterprise and Education, version 21H2 Windows 11 IoT Enterprise, version 21H2 Windows 11 SE, version 22H2 Windows 11 Home and Pro, version 22H2 Windows 11 Enterprise Multi-Session, version 22H2 Windows 11 Enterprise and Education, version 22H2 Windows 11 IoT Enterprise, version 22H2 Windows 11 Home and Pro, version 23H2 Windows 11 Enterprise and Education, version 23H2 Windows 11 Enterprise Multi-Session, version 23H2 Windows 11 IoT Enterprise, version 23H2 Windows 11 SE, version 24H2 Windows 11 Enterprise and Education, version 24H2 Windows 11 Enterprise Multi-Session, version 24H2 Windows 11 Home and Pro, version 24H2 Windows 11 IoT Enterprise, version 24H2

Original publish date: August 13, 2024

KB ID: 5042562

Support for Windows 10 will end in October 2025

After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we recommend moving to Windows 11.

Learn more

Important note about the SkuSiPolicy.p7b policy

For instructions to apply the updated policy, see the Deploying a Microsoft-signed revocation policy (SkuSiPolicy.p7b) section. 

In this article

Summary

Microsoft was made aware of a vulnerability in Windows that allows an attacker with administrator privileges to replace updated Windows system files that have older versions, opening the door for an attacker to reintroduce vulnerabilities to Virtualization-based security (VBS).  Rollback of these binaries might allow an attacker to circumvent VBS security features and exfiltrate data that is protected by VBS. This issue is described in CVE-2024-21302 | Windows Secure Kernel Mode Elevation of Privilege Vulnerability.

To resolve this issue, we will revoke vulnerable VBS system files that are not updated. Because of the large number of VBS-related files that must be blocked, we use an alternative approach to block file versions that are not updated.

Scope of Impact

All Windows devices that support VBS are affected by this issue. This includes on-premises physical devices and virtual machines (VMs). VBS is supported on Windows 10 and later Windows versions, and Windows Server 2016 and later Windows Server versions.

The VBS state can be checked through the Microsoft System Information tool (Msinfo32.exe). This tool collects information about your device. After starting Msinfo32.exe, scroll down to the Virtualization-based security row. If the value of this row is Running, VBS is enabled and running.

System Information dialog box with the "Virtualization-based security" row highlighted

The VBS state can also be checked with Windows PowerShell by using the Win32_DeviceGuard WMI class. To query the VBS state from PowerShell, open an elevated Windows PowerShell session and then run the following command:

Get-CimInstance -ClassName Win32_DeviceGuard -Namespace root\Microsoft\Windows\DeviceGuard

After running the above PowerShell command, the VBS state status should be one of the following.

Field name

Status

VirtualizationBasedSecurityStatus

  • If the field equals 0, VBS is not enabled.

  • If the field equals 1, VBS is enabled but not running.

  • If the field equals 2, VBS is enabled and running.

Available mitigations

For all supported versions of Windows 10, version 1507 and later Windows versions, and Windows Server 2016 and later Windows Server versions, administrators can deploy a Microsoft-signed revocation policy (SkuSiPolicy.p7b). This will block vulnerable versions of VBS system files that are not updated from being loaded by the operating system.  

When the SkuSiPolicy.p7b is applied to a Windows device, the policy will also be locked to the device by adding a variable to the UEFI firmware. During startup, the policy loads and Windows blocks the loading of binaries that violate the policy. If the UEFI lock is applied and the policy is removed or replaced with an older version, the Windows boot manager will not start, and the device will not start. This boot failure will not show an error and the system will proceed to the next available boot option which might result in a boot loop.

An additional Microsoft-signed CI policy which is enabled by default and requires no additional deployment steps has been added which is not bound to UEFI. This signed CI policy will be loaded during boot and the enforcement of this policy will prevent rollback of VBS system files during that boot session. Unlike the SkuSiPolicy.p7b, a device can continue to boot if the default enabled policy has been tampered or removed. This mitigation is available on devices with Windows 10 22H2 and later. The SkuSkiPolicy.p7b can still be applied by administrators to provide additional protection for rollback across boot sessions.  

Windows Measured Boot logs used to attest the boot health of the PC include information about the policy version being loaded during the boot process. These logs are securely maintained by the TPM during boot, and the Microsoft attestation services parse these logs to verify that the correct policy versions are being loaded. The attestation services enforce rules that ensure a specific policy version or higher is loaded; otherwise, the system will not be attested as healthy.

For the policy mitigation to work, the policy must be updated using the Windows servicing update since the components of Windows and the policy must be from the same release. If the policy mitigation is copied to the device, the device might not start if the wrong version of the mitigation is applied, or the mitigation may not work as expected. Additionally, mitigations described in KB5025885 should be applied to your device.

On Windows 11 Secured-core PCs, Dynamic Root of Trust for Measurement (DRTM) adds an additional mitigation for the rollback vulnerability. This mitigation is enabled by default for systems running Windows 11, version 24H2. On these systems, the VBS-protected encryption keys are bound to the default-enabled boot session VBS CI policy and will only unseal if the matching CI policy version is being enforced. To enable user-initiated rollbacks, a grace period has been added to enable safe rollback of 1 version of Windows update package without losing the ability to unseal the VSM master key. However, the user-initiated rollback is only possible if the SkuSiPolicy.p7b is not applied. The  VBS CI policy enforces that all boot binaries have not been rolled back to revoked versions. This means that if an attacker with administrator privileges rolls back vulnerable boot binaries, the system will not start. If the CI policy and binaries are both rolled back to an earlier version, the VSM-protected data will not be unsealed.

Understanding mitigation risks

You need to be aware of potential risks before applying the Microsoft-signed revocation policy. Please review these risks and make any necessary updates to recovery media before applying the mitigation.

Note These risks are only applicable to the SkuSiPolicy.p7b policy and not applicable to default enabled protections.

  • User Mode Code Integrity (UMCI). The Microsoft-signed revocation policy enables user mode code integrity so that rules in the policy are applied to user mode binaries. UMCI also enables Dynamic Code Security by default. Enforcing these features may introduce compatibility issues with applications and scripts and may prevent them from running and have a performance impact on start up time. Before deploying the mitigation, follow the instructions to deploy audit mode policy to test for potential issues.

  • UEFI Lock and Uninstalling updates. After applying the UEFI lock with the Microsoft-signed revocation policy on a device, the device cannot be reverted (by uninstalling Windows updates, by using a restore point, or by other means) if you continue to apply Secure Boot. Even reformatting the disk will not remove the UEFI lock of the mitigation if it has already been applied. This means that if you attempt to revert the Windows OS to an earlier state that does not have the applied mitigation, the device will not start, no error message will be displayed, and UEFI will proceed to the next available boot option. This might result in a boot loop. You must disable Secure Boot to remove the UEFI lock. Please be aware of all possible implications and test thoroughly before you apply the revocations that are outlined in this article to your device.

  • External Boot Media. After the UEFI lock mitigations have been applied to a device, external boot media must be updated with the latest Windows update installed on the device. If external boot media is not updated to the same Windows update version, the device might not boot from that media. See the instructions in the Updating external boot media section before applying the mitigations.

  • Windows Recovery Environment. The Windows Recovery Environment (WinRE) on the device must be updated with the latest Windows updates installed on the device before the SkuSipolicy.p7b is applied to the device. Omitting this step might prevent WinRE from running the Reset PC feature.  For more information, see Add an update package to Windows RE.

  • Pre-boot Execution Environment (PXE) boot. If the mitigation is deployed to a device and you attempt to use PXE boot, the device will not start unless the latest Windows update is also applied to the PXE server boot image. We do not recommend deploying mitigations to network boot sources unless the PXE Boot server has been updated to the latest Windows update released on or after January 2025, including the PXE boot manager.  

Mitigation deployment guidelines

To address the issues described in this article, you can deploy a Microsoft-signed revocation policy (SkuSiPolicy.p7b). This mitigation is only supported on Windows 10, version 1507 and later Windows versions, and Windows Server 2016. Before you deploy the Microsoft-signed revocation policy (SkuSiPolicy.p7b), you should test for compatibility issues by using an audit mode policy.

Note If you use BitLocker, make sure that your BitLocker recovery key has been backed up. You can run the following command from an Administrator command prompt and take note of the 48-digit numerical password:

manage-bde -protectors -get %systemdrive%​​​​​​​

Deploying an audit mode policy

The Microsoft-signed revocation policy (SkuSiPolicy.p7b) enforces user mode code integrity (UMCI) and Dynamic Code Security. These features may have compatibility issues with customer applications. Before deploying the mitigation, you should deploy an audit policy to detect compatibility issues.

You have two audit policy options:

  • Use the provided SiPolicy.p7b audit policy,

  • Or, compile your own audit policy binary from a provided XML file.

We recommend using the provided SiPolicy.p7b audit policy binary unless you have already deployed an existing Windows Defender Application Control (WDAC) policy. The provided audit policy binary will not be UEFI locked. External boot media and recovery media do not need to be updated before applying the audit policy.

Windows Code Integrity will evaluate user and kernel mode binaries against the rules in the audit policy. If code integrity identifies an application or script in violation of the policy, a Windows Event log event will be generated with information about the blocked application or script and information about the enforced policy. These events can be used to determine if there are incompatible applications or scripts being used on your device. For more information, see the Windows Event logs section.

The SiPolicy.p7b audit policy is included in the latest Windows updates for all supported Windows operating systems. This audit policy should only be applied to devices by installing the latest servicing update and then follow these steps:

  1. Run the following commands from an elevated Windows PowerShell prompt:

    # Initialize policy location and destination

    $PolicyBinary = $env:windir+"\System32\SecureBootUpdates\VbsSI_Audit.p7b"

    $DestinationBinary = $env:windir+"\System32\CodeIntegrity\SiPolicy.p7b"

    # Copy the audit policy binary

    Copy-Item -Path $PolicyBinary -Destination $DestinationBinary -force

  2. Restart the device.

  3. Confirm the policy is loaded in the Event Viewer by using the information in the Policy activation events section.

  4. Test by using applications and scripts while the policy is applied to identify compatibility issues.

To uninstall the SiPolicy.p7b audit policy, follow these steps:

  1. Run the following commands from an elevated Windows PowerShell prompt:

    # Initialize policy location

    ​​​​​​​$PolicyBinary = $env:windir+"\System32\CodeIntegrity\SiPolicy.p7b"

    # Remove SiPolicy.p7b

    Remove-Item -Path $PolicyBinary -force

  2. Restart the device.

  3. Confirm the audit policy is not loaded in the Event Viewer by using the information in the Policy activation events section.

Deploying a Microsoft-signed revocation policy (SkuSiPolicy.p7b)

The Microsoft-signed revocation policy is included as part of the latest Windows update. This policy should only be applied to devices by installing the latest available Windows update released on or after January 2025 and then follow these steps:

Note If updates are missing, the device may not start with the mitigation applied or the mitigation may not work as expected. Make sure to update your bootable Windows media with the latest available Windows update before deploying the policy. For details on how to update bootable media, see the Updating external boot media section.

  1. Run the following commands in an elevated Windows PowerShell prompt:

    $PolicyBinary = $env:windir+"\System32\SecureBootUpdates\SkuSiPolicy.p7b" $MountPoint = 's:' $EFIDestinationFolder = "$MountPoint\EFI\Microsoft\Boot" mountvol $MountPoint /S if (-Not (Test-Path $EFIDestinationFolder)) { New-Item -Path $EFIDestinationFolder -Type Directory -Force } Copy-Item -Path $PolicyBinary -Destination $EFIDestinationFolder -Force mountvol $MountPoint /D

  2. Restart your device.

  3. Confirm the policy is loaded in the Event Viewer by using the information in the Windows Event logs section.

Notes

  • You should not remove the SkuSiPolicy.p7b revocation (policy) file after it is deployed. Your device might no longer be able to start if the file is removed.

  • If your device does not start, see the  Recovery procedure section.

Updating external boot media

To use external boot media with a device that has a Microsoft-signed revocation policy applied, the external boot media must be updated with the latest Windows update including the Boot manager. If the media does not include the latest Windows update, the media will not start.

Important We recommend that you Create a recovery drive before proceeding. This media can be used to reinstall a device in case there is a major issue.

Use the following steps to update the external boot media:

  1. Go to a device where the latest Windows updates have been installed.

  2. Mount the external boot media as a drive letter. For example, mount a thumb drive as D:.

  3. Click Start, type Create a Recovery Drive in the Search box, and then click Create a recovery drive control panel. Follow the instructions to create a recovery drive by using the mounted thumb drive.

  4. Safely remove the mounted thumb drive.

If you manage installable media in your environment by using the Update Windows installation media with Dynamic Update guidance, follow these steps:

  1. Go to a device where the latest Windows updates have been installed.

  2. Follow the steps in Update Windows installation media with Dynamic Update to create media that has the latest Windows updates installed.

Windows Event logs

Windows logs events when code integrity policies, including SkuSiPolicy.p7b, are loaded and when a file is blocked from loading because of policy enforcement. You can use these events to verify that the mitigation has been applied.

Code integrity logs are available in the Windows Event Viewer under Application and Services logs > Microsoft > Windows > CodeIntegrity > Operational > Application and Services logs > Services logs > Microsoft > Windows > AppLocker > MSI and Script.

For more information on code integrity events, see the Windows Defender Application Control operational guide.

Policy activation events

Policy activation events are available in the Windows Event Viewer under Application and Services logs > Microsoft > Windows > CodeIntegrity > Operational.

CodeIntegrity Event 3099 in the "CodeIntegrity - Operational" event log indicates that a policy has been loaded and includes details about the loaded policy. Information in the event includes the friendly name of the policy, a globally unique identifier (GUID), and a hash of the policy. Multiple CodeIntegrity Event 3099 events will be present if there are multiple code integrity policies applied to the device.

When the provided audit policy is applied, there will be an event with the following information:

  • PolicyNameBuffer – Microsoft Windows Virtualization Based Security Audit Policy

  • PolicyGUID – {a244370e-44c9-4c06-b551-f6016e563076}

  • PolicyHash – 98FC5872FD022C7DB400953053756A6E62A8F24E7BD8FE080C6525DFBCA38387

Microsoft Virtualization Based Security Audit Policy

When the Microsoft-signed revocation policy (SkuSiPolicy.p7b) is applied, there will be an event with the following information (See screenshot of CodeIntegrity event 3099 below):

  • PolicyNameBuffer – Microsoft Windows SKU SI Policy

  • PolicyGUID – {976d12c8-cb9f-4730-be52-54600843238e}

  • PolicyHash – 107E8FDD187C34CF8B8EA46A4EE99F0DB60F491650DC989DB71B4825DC73169D

Microsoft Windows SKU SI Policy

If you have applied the audit policy or the mitigation to your device and CodeIntegrity Event 3099 for the applied policy is not present, the policy is not being enforced. Please consult the deployment instructions to verify the policy was installed correctly.

Note The Code Integrity event 3099 is not supported on versions of Windows 10 Enterprise 2016, Windows Server 2016, and Windows 10 Enterprise 2015 LTSB. To verify that the policy has been applied (audit or revocation policy), you must mount the EFI System Partition using the mountvol.exe command and look to see that the policy has been applied to the EFI partition. Be sure to unmount the EFI System Partition after verification.

SkuSiPolicy.p7b - Revocation Policy

SkuSiPolicy.p7b policy has been applied

SiPolicy.p7b - Audit Policy

SiPolicy.p7b Audit Policy Applied​​​​​​​

Audit and block events

Code integrity audit and block events are available in the Windows Event Viewer under Application and Services logs > Microsoft > Windows > CodeIntegrity > Operational > Application and Services logs > Microsoft > Windows > AppLocker > MSI and Script.

The former logging location includes events about the control of executables, dlls, and drivers. The latter logging location includes events about the control of MSI installers, scripts, and COM objects.

CodeIntegrity Event 3076 in the "CodeIntegrity – Operational" log is the main block event for audit mode policies and indicates that a file would have been blocked if a policy was enforced. This event includes information about the blocked file and about the enforced policy. For files that would be blocked by the mitigation, the policy information in Event 3077 will match the policy information of audit policy from Event 3099.

CodeIntegrity Event 3077 in the "CodeIntegrity – Operational" log indicates that an executable, .dll, or driver has been blocked from loading. This event includes information about the blocked file and about the enforced policy. For files blocked by the mitigation, the policy information in CodeIntegrity Event 3077 will match the policy information of SkuSiPolicy.p7b from CodeIntegrity Event 3099. CodeIntegrity Event 3077 will not be present if there are not any executable, .dll, or drivers in violation of code integrity policy on your device.

For other code integrity audit and block events, see Understanding Application Control events.

Policy Removal and Recovery Procedure

If something goes wrong after applying the mitigation, you can use the following steps to remove the mitigation:

  1. Suspend BitLocker if it is enabled. Run the following command from an elevated Command Prompt window:

    Manager-bde -protectors -disable c: -rebootcount 3

  2. Turn off Secure Boot from the UEFI BIOS menu. The procedure for turning off Secure Boot differs between device manufacturers and models. For help locating where to turn off Secure Boot, consult with documentation from your device manufacturer. More details can be found in Disabling Secure Boot.

  3. Remove the SkuSiPolicy.p7b policy.

    1. Start Windows normally and then sign in. The SkuSiPolicy.p7b policy must be removed from the following location:

      • ​​​​​​​<EFI System Partition>\Microsoft\Boot\SkuSiPolicy.p7b​​​​​​​

    2. Run the following commands from an elevated Windows PowerShell session to clean up policy from those locations:

      $PolicyBinary = $env:windir+"\System32\SecureBootUpdates\SkuSiPolicy.p7b" $MountPoint = 's:' $EFIPolicyPath = "$MountPoint\EFI\Microsoft\Boot\SkuSiPolicy.p7b" $EFIDestinationFolder="$MountPoint\EFI\Microsoft\Boot" mountvol $MountPoint /S if (-Not (Test-Path $EFIDestinationFolder)) { New-Item -Path $EFIDestinationFolder -Type Directory -Force } if (Test-Path   $EFIPolicyPath ) {Remove-Item -Path $EFIPolicyPath -Force } ​​​​​​​mountvol $MountPoint /D

  4. Turn on Secure Boot from BIOS. Consult with the documentation from your device manufacturer for locating where to turn on Secure Boot. If you turned off Secure Boot in Step 1 and your drive is protected by BitLocker, suspend BitLocker protection and then turn on Secure Boot from your UEFI BIOS menu.

  5. Turn on BitLocker. Run the following command from an elevated Command Prompt window:

    Manager-bde -protectors -enable c:

  6. Restart your device.

Change date

Description

April 8, 2025

  • Removed the first sentence of the "Important note about the SkuSiPolicy.p7b policy" section as the most recent update is currently not available for all Windows versions.

  • Updated the "Available mitigations" section adding more detailed information.

  • Added default mitigations for the boot session to prevent rollback of binaries for Windows 10, version 22H2 and later and VBS data protection for Secure Launch or DRTM-based devices on Windows 11, version 24H2.

February 24, 2025

  • Updated the Note in the "Policy activation events" section and added a second screenshot of the directory listing showing the "SiPolicy.p7b - Audit Policy" file.

February 11, 2025

  • Updated the script in Step 1 in the "Deploying a Microsoft-signed revocation policy (SkuSiPolicy.p7b)" section.

  • Added a Note to the end of the "Policy activation events" section and added a screenshot of the directory listing showing the "SkuSiPolicy.p7b - Revocation Policy" file.

  • Updated the script in Step 3b in the "Policy Removal and Recovery Procedure" section.

January 14, 2025

  • Added the Important note about the SkuSiPolicy.p7b policy at the top of this article.*

  • Removed the following Note (which was added on November 12, 2024) from the "Available mitigations" section as no longer needed:"Note Support for the SKUSIPolicy.p7b and VbsSI_Audit.p7b policies for Windows 10, version 1507, Windows 10 Enterprise 2016, and Windows Server 2016 have been added as part of the latest Windows updates released on and after October 8, 2024. Newer versions of Windows and Windows Server introduced these policies in the August 13, 2024 updates."

  • Added more information to the Note in the "Deploying a Microsoft-signed revocation policy (SkuSiPolicy.p7b)" section. Original text was "Note If updates are missing, the device may not start with the mitigation applied or the mitigation may not work as expected."*

  • Removed the second paragraph of the "Updating external boot media" section. Original text removed was "Boot media which is updated with the Microsoft-signed revocation policy, must only be used to boot devices that have the mitigation already applied.  If it is used with devices without the mitigation, the UEFI lock will be applied during startup from the boot media. Subsequent starts from disk will fail, unless the device is updated with the mitigation or the UEFI lock is removed."*

  • Removed the step "With the newly created media mounted, copy the SkuSiPolicy.p7b file to <MediaRoot>\EFI\Microsoft\Boot (for example, D:\EFI\Microsoft\Boot)" in the "steps to update the external boot media" procedure in the "Updating external boot media" section as this step is no longer necessary.*

  • Removed Steps 3 to 5 in the "Update Windows installation media with Dynamic Update guidance" procedure in the "Updating external boot media" section as the steps are no longer necessary.*

    • 3. Place the contents of the media on a USB thumb drive and mount the thumb drive as a drive letter. For example, mount the thumb drive as D:.

    • ​​​​​​​4. Copy SkuSiPolicy.p7b to <MediaRoot>\EFI\Microsoft\Boot (for example, D:\EFI\Microsoft\Boot).

    • 5. Safely remove the mounted thumb drive.

  • Updated the first paragraph of the "External Boot Media" topic in the "Understanding mitigation risks" section. Original text was "After the UEFI lock mitigations have been applied to a device, external boot media must be updated with the latest Windows updates installed on the device and with the Microsoft-signed revocation policy (SkuSiPolicy.p7b). If external boot media is not updated, the device might not boot from that media. See the instructions in the Updating external boot media section before applying the mitigations.*

  • Removed the second paragraph of the "External Boot Media" topic in the "Understanding mitigation risks" section. Original text was "Boot media which is updated with the Microsoft-signed revocation policy, must only be used to boot devices that have the mitigation already applied.  If it is used with devices without the mitigation, the UEFI lock will be applied during startup from the boot media. Subsequent starts from disk will fail, unless the device is updated with the mitigation or the UEFI lock is removed."*

  • Updated the "Pre-boot Execution Environment (PXE) boot" topic in the "Understanding mitigation risks" section. Original text was "If the mitigation is deployed to a device and you attempt to use PXE boot, the device will not start unless the mitigations are also applied to the network boot sources (root where bootmgfw.efi is present). If a device starts from a network boot source that has the mitigation applied, then the UEFI lock will apply to the device and impact subsequent starts. We do not recommend deploying mitigations to network boot sources unless all devices in your environment have the mitigations deployed. "*

November 12, 2024

  • In the "Available mitigations" section, support for the SkuSiPolicy.p7b and VbsSI_Audit.p7b policies for Windows 10, version 1507, Windows 10 Enterprise 2016, and Windows Server 2016 was added as part of the Windows updates released on and after October 8, 2024.

  • Updated the Windows release dates from August 13, 2024 to November 12, 2024 throughout.
Facebook LinkedIn Email
SUBSCRIBE RSS FEEDS

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center