CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability

Microsoft has released July 8, 2025 security updates for all supported versions of Windows that provide new mitigations to protect against this vulnerability; however, these mitigations are not enabled by default. After you have installed the updates, follow the steps outlined in KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 to enable these protections.

All Windows devices should have the the July 8, 2025 security updates installed regardless of your plan to enable the mitigations.

Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932