Microsoft Windows Secure Boot Certificate Expiration Security Feature Bypass Vulnerability

Vulnerability

A security feature bypass vulnerability has been identified in Windows Secure Boot due to the impending expiration of Microsoft certificates stored in the UEFI Key Exchange Key (KEK) and Database (DB). Affected devices must update these certificates to maintain Secure Boot functionality and security, as outdated certificates could disrupt the trust chain and lead to vulnerabilities in the Windows boot manager. The certificate update process may be unreliable, requiring careful validation to ensure security is restored.

Impact

Exploitation of this vulnerability could bypass Secure Boot, allowing unauthorized modifications to the boot process or the loading of untrusted components.

Remediation

Users can download the security update for their specific Windows version through the Microsoft Update Catalog. For detailed guidance on updating Windows Secure Boot certificates, refer to the Microsoft Knowledge Base articles KB5073724, KB5073723, KB5073457, KB5074109, and KB5073379.
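One way to validate the certificate state after applying the update, as an added example that is not part of the advisory or Microsoft's own tooling: it parses the EFI_SIGNATURE_LIST structures in the KEK and db variables and reports each X.509 certificate with its expiry date. The helper name `Get-EslCertificate` and the 365-day reporting window are assumptions made for illustration.

```powershell
# Added example: list the X.509 certificates held in the Secure Boot KEK and db
# variables with their expiry dates. Run in an elevated session on UEFI firmware.
$X509Guid = [Guid]'a5c059a1-94e4-4aa7-87b5-ab155c2bf072'   # EFI_CERT_X509_GUID (UEFI spec)
$WarnDays = 365                                            # assumption: reporting window

function Get-EslCertificate {                              # hypothetical helper name
    param([byte[]]$Bytes)
    $offset = 0
    while ($offset + 28 -le $Bytes.Length) {
        # EFI_SIGNATURE_LIST header: type GUID, list size, header size, signature size
        $type     = [Guid]::new([byte[]]$Bytes[$offset..($offset + 15)])
        $listSize = [int][BitConverter]::ToUInt32($Bytes, $offset + 16)
        $hdrSize  = [int][BitConverter]::ToUInt32($Bytes, $offset + 20)
        $sigSize  = [int][BitConverter]::ToUInt32($Bytes, $offset + 24)
        if ($listSize -lt 28 -or $offset + $listSize -gt $Bytes.Length) {
            throw "Malformed EFI_SIGNATURE_LIST at offset $offset"
        }
        # Skip hash-only lists; only X.509 lists carry an expiry date
        if ($type -eq $X509Guid -and $sigSize -gt 16) {
            $entry = $offset + 28 + $hdrSize
            while ($entry + $sigSize -le $offset + $listSize) {
                # EFI_SIGNATURE_DATA: 16-byte owner GUID, then the DER certificate
                $der = [byte[]]$Bytes[($entry + 16)..($entry + $sigSize - 1)]
                [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
                $entry += $sigSize
            }
        }
        $offset += $listSize
    }
}

"Secure Boot enabled: $(Confirm-SecureBootUEFI)"
$cutoff = (Get-Date).AddDays($WarnDays)
$report = foreach ($name in 'KEK', 'db') {
    $var = Get-SecureBootUEFI -Name $name
    foreach ($cert in Get-EslCertificate -Bytes $var.Bytes) {
        [pscustomobject]@{
            Variable = $name
            Subject  = $cert.Subject
            NotAfter = $cert.NotAfter
            # Flags certificates already expired or expiring inside the window
            Status   = $(if ($cert.NotAfter -lt $cutoff) { 'EXPIRING' } else { 'ok' })
        }
    }
}
$report | Format-Table -AutoSize
```

A variable whose rows are all marked EXPIRING has not received replacement certificates; compare the output before and after the update to confirm the change took effect.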

Added: Jan 13, 2026, 6:55 PM
Updated: Jan 13, 2026, 6:55 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 2.8
remediation: 0.0
relevance: 2.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.