Microsoft fixes security flaws (CVE-2020-0689) in Windows 10 secure boot

According to the Microsoft Security Bulletin, the company has fixed the vulnerability that the Windows 10 secure boot function was bypassed in the security update released this month.

The secure boot function is usually a security function configured on UEFI and TPM computers to restrict untrusted programs from being loaded directly during the boot phase.

This can prevent malicious software from being loaded directly during the operating system startup process. Hackers usually try to inject malicious code into the firmware to replace the normal boot program.

The vulnerability numbered CVE-2020-0689 can exploit certain codes, and specially designed codes can bypass secure boot and load untrusted software.

It is not only the Windows 10 system that is affected by the vulnerability but also Windows 8.1, Windows 10 Server 2012, and 2012 R2.

To block untrusted programs during the secure boot phase, Windows devices with UEFI firmware use a secure boot prohibition signature database for verification.

The KB4535680 security update released by Microsoft updates the signature database, but users must manually download the corresponding security update to complete the deployment.

That is to say, the routine update security pushed by Microsoft does not include the fix for this vulnerability. Users need to download the independent security update KB4535680 to fix it.

Of course, as a security update, Microsoft also actively pushes it to users for installation. Here we want to remind users who prohibit automatic system updates to download and install manually.

After investigation, this vulnerability does not affect the x86 and ARM64 microarchitectures, so Microsoft has deleted the corresponding updates and only retains the AMD 64 or 64-bit system version.