UPDATE 7/11:
Second Deployment This phase starts with updates released on July 11, 2023, which adds additionally support mitigating the issue.
Security updates released May 9, 2023 and later contain security hardening changes to protect against vulnerabilities tracked by CVE-2023-24932 that can bypass the Secure Boot security feature using the BlackLotus UEFI bootkit. These hardening changes are available but not enabled by default in these updates. The security hardening for CVE-2023-24932 will be done in phases, as steps must be taken to prevent issues on your device when the revocations are applied/enabled, which is required to address CVE-2023-24932.
For information on how to apply the revocations and what is required before you apply the revocations, see KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932. We recommend that all Windows users review this documentation carefully, including both IT administrators and consumers.
Read more: https://support.microsoft.com/en-us/...3-b3ff139f832d
i need help with this. the advisory says to create boot media for installing windows 10 that includes the may 9th windows update and that the ISO's for that will be available through "windows downloads." well, the ISO for creating boot media for installing windows 10 is labeled as "22H2." how can we tell if the ISO for installing windows 10 has been updated to include the may 9th windows update?
Use this tutorial to see the details of the ISO. For a Windows 10 ISO, at Step 6 you want to see a ServicePack Build number of 2965 (or higher).
See Full Details about a Windows 10 ISO file or USB
If you use Microsoft's Media Creation Tool to make your ISO, then the Windows 10 MCT now makes an ISO for 19045.2965 which is the May 9th release. The Windows 11 MCT has also been updated to the May 9th release, now making an ISO for 22621.1702.
thank you very much, bree. and thanks to brink, too, for providing the information about how to use command prompt to determine the build of the install-media.
UPDATE 7/11:
Second Deployment This phase starts with updates released on July 11, 2023, which adds additionally support mitigating the issue.
Quote