ADV230002 Microsoft Guidance for Addressing Security Feature Bypass in Trend Micro EFI Modules

Trend Micro has released [CVE-2023-28005](https://success.trendmicro.com/dcx/s/solution/000292473?language=en_US) to address a secure boot bypass. Subsequently Microsoft has released the July Windows security updates to block the vulnerable UEFI modules by using the DBX (UEFI Secure Boot Forbidden Signature Database) disallow list.

To exploit this vulnerability, an attacker would need to have administrative privileges or physical access on a system where Secure Boot is configured to trust the Microsoft Unified Extensible Firmware Interface (UEFI) Certificate Authority (CA).

CVEs released for this issue: CVE-2023-28005.

## …

access actions administrative privileges adv authority boot certificate certificate authority customers cve cves exploit firmware information install interface issue latest microsoft physical privileges secure boot security security updates system trust uefi updates vulnerability windows windows security