Updated 15 May 2023 (Windows Update does not block IGEL OS boot)
First published 12 May 2023
CVSS:3.1 6.7 / 6.2 (Medium)
CVSS:3.1 vector n/a
Summary
A fix for a UEFI Secure Boot issue may affect booting IGEL OS on some devices.
This affects the following IGEL products:
IGEL OS 11
IGEL OS 12
IGEL UD Pocket
Details
In order to block UEFI Secure Boot malware such as the Black Lotus bootkit (CVE-2023-24932), Microsoft has published a security update that revokes a number of bootloaders from UEFI Secure Boot (KB5025885). Also, the UEFI Forum has updated their revocation list.
IGEL has determined that the UEFI Forum revocation list of 9 May 2023 does not block the IGEL Shim bootloader. Customers that apply this revocation list will not have issues with booting IGEL OS.
Applying Microsoft KB5025885 and its revocation command does not block the IGEL Shim bootloader either, testing at IGEL has shown.