Microsoft security advisory: Update to revoke noncompliant UEFI boot loader modules: perhaps updated perhaps outdated

It sucks when old web content appears to have been updated, you can’t tell if it is newly-revised content or just some old content that some WWW Craweler mistakenly thinks is new. This Microsoft page is from a few years ago, but appears to have been recently updated:

https://support.microsoft.com/en-us/help/2871690/microsoft-security-advisory-update-to-revoke-noncompliant-uefi-boot-lo

It probably hasn’t been updated, it appears to focus on old versions of Windows. BUT, at the bottom of the page, it says:

Last Updated: Apr 16, 2020

AND, this is a Microsoft download page for dbxupdate.bin, a file that is hard to locate proper download links for on the site, this is one of the few web pages with such links. And Microsoft is the UEFI Certificate Authority and ships their own DBX blobs beyond the uefi.org-hosted ones. So MAYBE the content includes a new Microsoft DBX binary file. Or maybe the web page is wrongly-labeled as being recently-updated. ?

Regardless, unfortunately, I still am wondering how the UEFI Secure Boot key distribution can be so haphazardly done:

https://firmwaresecurity.com/2020/02/21/microsoft-where-is-your-latest-dbxupdate-bin-uefi-forum-why-arent-you-hosting-the-file-as-well/

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s