Microsoft Windows System Guard Launch Vulnerability

Summary

A denial-of-service vulnerability has been discovered in Windows 10 systems using UEFI Secure Boot and the System Guard Secure Launch functionality.


Threat details

The vulnerability appears to be the result of an unexpected interaction between Secure Launch and the Microsoft Security Compliance Toolkit, installed as part of the Windows 10 v1809 Security Baseline. Under certain conditions during a system update, this interaction can result in the affected system not rebooting properly.

At the time of publication, this vulnerability affects Windows Server 2019 and the Enterprise and Education versions of Windows 10, as these are currently the only versions of Windows to implement System Guard Secure Launch.


Remediation steps

Microsoft have acknowledged the vulnerability and have announced an update will be produced to address it. They have also recommended disabling the ConfigureSystemGuardLaunch group policy as a partial mitigation in the meantime.


Last edited: 14 February 2020 2:50 pm