A running record of unusual manual Windows updates
1.- Microsoft Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Please refer to this advisory page for more information and updates on this vulnerability: [CVE-2024-21302](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21302)
Fix steps:
Open PowerShell and run:
```powershell
Get-CimInstance -ClassName Win32_DeviceGuard -Namespace root\Microsoft\Windows\DeviceGuard
```
At this point VirtualizationBasedSecurityStatus is 0 and UsermodeCodeIntegrityPolicyEnforcementStatus is also 0.
Add SiPolicy.p7b:
```powershell
# Initialize policy location and destination
$PolicyBinary = $env:windir+"\System32\SecureBootUpdates\VbsSI_Audit.p7b"
$DestinationBinary = $env:windir+"\System32\CodeIntegrity\SiPolicy.p7b"
# Copy the audit policy binary
Copy-Item -Path $PolicyBinary -Destination $DestinationBinary -Force
```
Then reboot and check again.
UsermodeCodeIntegrityPolicyEnforcementStatus is now 1.
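
A read-only check that can be run before the copy and again after the reboot, as an added example that is not part of the original notes. The function names `Get-DeviceGuardState` and `Test-PolicyFile` are made up for this example; the status meanings (0/1/2) follow Microsoft's documentation for the `Win32_DeviceGuard` class.

```powershell
# Added example: verify the SiPolicy.p7b step without changing anything.
# Paths are the ones used in the steps above.
$src = Join-Path $env:windir 'System32\SecureBootUpdates\VbsSI_Audit.p7b'
$dst = Join-Path $env:windir 'System32\CodeIntegrity\SiPolicy.p7b'

# Meaning of the numeric status values reported by Win32_DeviceGuard
$vbsText  = @{ 0 = 'not enabled'; 1 = 'enabled, not running'; 2 = 'enabled and running' }
$umciText = @{ 0 = 'off'; 1 = 'audit'; 2 = 'enforced' }

# Hypothetical helper: returns the two fields the steps look at, decoded.
function Get-DeviceGuardState {
    $dg = Get-CimInstance -ClassName Win32_DeviceGuard `
                          -Namespace root\Microsoft\Windows\DeviceGuard
    $vbs  = [int]$dg.VirtualizationBasedSecurityStatus
    $umci = [int]$dg.UsermodeCodeIntegrityPolicyEnforcementStatus
    [pscustomobject]@{
        VbsStatus  = $vbs
        VbsText    = $vbsText[$vbs]
        UmciStatus = $umci
        UmciText   = $umciText[$umci]
    }
}

# Hypothetical helper: reports whether the policy file is in place.
# Copy-Item -Force overwrites silently, so a destination file that differs
# from the source is reported separately: it may be another policy that
# was already deployed on this machine.
function Test-PolicyFile {
    if (-not (Test-Path -LiteralPath $src)) { return 'source policy missing' }
    if (-not (Test-Path -LiteralPath $dst)) { return 'not deployed' }
    $srcHash = (Get-FileHash -LiteralPath $src -Algorithm SHA256).Hash
    $dstHash = (Get-FileHash -LiteralPath $dst -Algorithm SHA256).Hash
    if ($srcHash -eq $dstHash) { 'deployed, matches source' }
    else { 'a different SiPolicy.p7b is present' }
}

$state = Get-DeviceGuardState
$state | Format-List
"Policy file: $(Test-PolicyFile)"

# After the reboot the steps above expect UmciStatus = 1 (audit).
if ($state.UmciStatus -ne 1) {
    Write-Warning 'UsermodeCodeIntegrityPolicyEnforcementStatus is not 1 (audit).'
}
```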