Vulnerability Details

Microsoft Windows: Allow Secure Boot for integrity validation

Published: 2018-06-26 06:26:52

CVSS Base Vector:
AV:L/AC:H/Au:S/C:N/I:N/A:N

Report Confidence:
97

Summary:
This test checks the setting for policy 'Allow Secure Boot for integrity validation' on Windows hosts (at least Windows 8.1). The setting controls whether Secure Boot is allowed as the platform integrity provider for BitLocker operating system drives. Secure Boot ensures that the PCs pre-boot environment only loads firmware that is digitally signed by authorized software publishers. Secure Boot also provides more flexibility for managing pre-boot configuration than legacy BitLocker integrity checks. When enabled and the hardware is capable of using Secure Boot for BitLocker scenarios, the 'Use enhanced Boot Configuration Data validation profile' GP setting is ignored and Secure Boot verifies BCD settings according to the Secure Boot policy setting, which is configured separately from BitLocker.

Severity
Detection Plugin
CVSS Score
0.0
Published
2018-06-26
Modified
2018-08-10
Category
Policy

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.