fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Windows KB5012170 Secure Boot DBX Update may Fail with 0x800f0922 Error

Windows KB5012170 Secure Boot DBX Update may Fail with 0x800f0922 Error

Microsoft is warning that users may see a 0x800f0922 error when trying to install Windows KB5012170 Secure Boot security update on currently supported operating systems for consumers and the enterprise-class Server version.

The problem does not affect the cumulative security updates, monthly rollups, or security-only updates that Microsoft made available on August 9.

Bootloader issues

Error 0x800f0922 is related strictly to KB5012170, a security update for the Secure Boot DBX (Forbidden Signature Database), a repository that holds revoked signatures for Unified Extensible Firmware Interface (UEFI) bootloaders.

A UEFI bootloader runs immediately after turning on the system and is responsible for launching the UEFI environment with the Secure Boot feature that allows only trusted code to be executed when starting the Windows booting process.

Also Read: Top 25 Data Protection Statistics That You Must Be Informed

Last week, security researchers from Eclypsium disclosed vulnerabilities in three signed third-party bootloaders that could be exploited to bypass the Secure Boot feature and infect the system with malicious code that is difficult to detect and remove.

The three packages are:

  • New Horizon Datasys Inc: CVE-2022-34302 (bypass Secure Boot via custom installer)
  • CryptoPro Secure Disk: CVE-2022-34303 (bypass Secure Boot via UEFI Shell execution)
  • Eurosoft (UK) Ltd: CVE-2022-34301 (bypass Secure Boot via UEFI Shell execution)

Microsoft has addressed the issue by adding the signatures of the bootloaders above to the Secure Boot DBX so that vulnerable UEFI modules can no longer load.

On systems that start with one of the three now revoked bootloaders, Microsoft says that the KB5012170 update will generate error 0x800f0922 since a bootloader is essential for Windows to launch with Secure Boot.

Microsoft lists the following affected platforms:

  • Client: Windows 11, version 21H2; Windows 10, version 21H2; Windows 10, version 21H1; Windows 10, version 20H2; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1
  • Server: Windows Server 2022; Windows Server, version 20H2; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012

Bootloader update removes error 0x800f0922

Microsoft notes that mitigating the issue is possible by updating the UEFI version to the latest version from the vendor.

Researchers at Eclypsium recommend organizations check if the bootloaders on their systems are vulnerable before trying to update the DBX revocation list.

Also Read: Completed DPIA Example: 7 Simple Helpful Steps To Create

Bootloaders are typically stored in the EFI System Partition, which can be mounted on both Windows and Linux to inspect their version and learn if they are vulnerable or not.

The researchers warn that updating the DBX revocation list on systems with vulnerable bootloaders, where this is possible, will lead to device boot failure.

Updating DBX is recommended only after making sure that the device is running a non-vulnerable bootloader version from the vendor.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us