Shulou(Shulou.com)11/24 Report--

CTOnews.com Microsoft has confirmed that there is a problem with Windows Update functionality, but this time it is caused by updates to several recent versions of Windows released by the company.

Microsoft says users may see an error 0x800f0922 when trying to install the Secure Boot DBX (KB5012170) update. This issue affects all supported versions of Windows from Win8.1 to Win11 (client and server).

According to the company, affected versions of Windows include:

Windows 11，21H2

Windows 10，21H2

Windows 10, 21H1

Windows 10, 20H2

Windows 10 Enterprise LTSC 2019

Windows 10 Enterprise LTSC 2016

Windows 10 Enterprise LTSB 2015

Windows 8.1

Windows Server 2022

Windows Server, version 20H2

Windows Server 2019

Windows Server 2016

Windows Server 2012 R2

Windows Server 2012

Microsoft said its engineers and developers were investigating the vulnerability. Although there is no complete fix yet, Microsoft has provided interim solutions, although this approach does not work for all users. Simply put, affected users can bypass the issue by updating their BIOS to the latest version before installing KB5012170.

It is worth noting that this issue affects only security updates for Secure Boot DBX. If you don't need a safe start, you can just ignore it. Or, if your model does not have an updated version of UEFI BIOS update, then you can only wait for Microsoft officials to give a more complete solution.

When trying to install KB5012170, it may fail and you may receive an error "0x800f0922." Note: This issue only affects security updates for Secure Boot DBX (KB5012170) and does not affect the latest cumulative security updates, monthly rollup, or security updates released on August 9, 2022.

Upgrading UEFI bios to the latest version before installing KB5012170 can alleviate this problem. Next: We are investigating and will provide updates in upcoming releases.

KB5012170: Summary of security updates for Secure Boot DBX This security update improves the supported Windows versions of Secure Boot DBX listed in the For Use section. Major changes include:

Windows devices with Unified Extensible Firmware Interface (UEFI-based) firmware can run with Secure Boot enabled. Secure boot prohibits the signature database (DBX) from loading UEFI modules. This update adds modules to DBX.

A security feature bypass vulnerability exists in Secure Boot. An attacker who successfully exploited the vulnerability could bypass secure boot and load untrusted software.

The security update addresses the vulnerability by adding the signature of a known vulnerable UEFI module to DBX.

Applicable to:

Windows Server 2012

Windows 8.1 and Windows Server 2012 R2

Windows 10 version 1507

Windows 10 version 1607 and Windows Server 2016

Windows 10 version 1809 and Windows Server 2019

Windows 10 version 20H2

Windows 10 version 21H1

Windows 10 version 21H2

Windows Server 2022

Windows 11 version 21H2 (original version)

Azure Stack HCI version 1809

Azure Stack Data Box version 1809 (ASDB)

CTOnews.com reminds that some overseas netizens solved this problem by clearing the security boot key and BitLocker, but it seems that it does not apply to everyone.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.