KB5012170 - Clarification - Check Script Still Says Vulnerable

Question

Looking to see if anyone has some clarification on the BOOTHOLE vulnerability remediation:

Test Box: Windows 10 Pro 22H2 - 19045.4046

Microsoft release KB5012170 in order to close this vulnerability. I've tried installing the MSU, but it says it's already installed. I can also detect it on my test box with Powershell:

https://support.microsoft.com/en-us/topic/kb5012170-security-update-for-secure-boot-dbx-72ff5eed-25b4-47c7-be28-c42bd211bb15

However, looking at the advisory, Microsoft recommends running a check via Powershell. My test system returns TRUE, so expect the system is still vulnerable:

https://msrc.microsoft.com/update-guide/en-US/advisory/ADV200011

Am I missing something? Do I still need to go through the manual application as described in this article, or does the 5012170 protect the system regardless?

https://support.microsoft.com/en-us/topic/microsoft-guidance-for-applying-secure-boot-dbx-update-kb4575994-e3b9e4cb-a330-b3ba-a602-15083965d9ca

If anyone has any helpful information on this it would be helpful. I'm likely missing something obvious, but I want to make sure we are protected on this one.

Thanks!

Rick

Answer

Hello RickAZEP,

Thank you for posting in Q&A forum.

Please ensure that KB5012170 was installed correctly. You can check the installation history in Windows Update to confirm this.

If the problem continues, you could try to uninstall the KB5012170, and manually install it again.

I hope the information above is helpful.

If you have any questions or concerns, please feel free to let us know.

Best Regards,

Daisy Zhou

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.

Share via

KB5012170 - Clarification - Check Script Still Says Vulnerable

1 answer

Your answer