What happened to KB5012170 – DBX Secure Boot?

Topic

New Reply

I am Win10/Pro, 22H2

I see that KB5012170 – DBX Secure Boot is still on the Master Patch List. I last hid it using WUSH on Feb 6, 2023 (almost a year ago).

On Jan 9, I hid all of the January patches, including the problematic KB5034441. When I check WUSH on Jan 26, KB5012170 is no longer there. I didn’t check WUSH for it on Jan 9, so I don’t know if was still there when I hid the Jan patches. But, today all the January patches ARE still there and KB5012170 is gone, as noticed 4 days ago. I have no evidence that it installed (looking at WU History and Installed Updates).

Was KB5012170 pulled from the WU queue when KB5034441 was released into the WU queue?

I ask because it is still in the MS catalog as 2022-12 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5012170) last modified 4/11/2023. So, it looks it’s still on the books, but pulled from the WU queue, maybe when KB5034441 was released.

Does anyone know anything about this?

Reply | Quote

Replies

WCHS wrote:

(looking at WU History and Installed Updates)

Look at uninstall update list.

I installed KB5012170 with no ill effects.

Reply | Quote

Alex5723 wrote:

Look at uninstall update list.

WCHS wrote:

I have no evidence that it installed (looking at WU History and Installed Updates).

Didn’t I say that I had looked there? To wit, Settings > Update & security > Windows Update > View update history > Uninstall updates {blue link at the top, which I think you are referring to} takes one to Control Panel > Programs > Programs and Features > Installed Updates. The location of Uninstall updates = the location of Installed Updates, same-same.

I said that the other place I looked was ‘WU History” — instead of that, maybe I should have said WU’s ‘View update history,’ where one sees the subheading ‘Update history’ (which is what I meant when using the term ‘WU {WU = Windows’ Update} history) — this is a listing of all the updates installed — date & name of the update & KB# (in blue), and below whether it was successfully installed and if so, the date installed.

Hope this is clear now.

Anyway, the point is: KB5011270 is no longer in WUSH and that’s not because it was installed. So, why is it no longer there? Is it because it was pulled from the queue after KB5034441 was released. Does anyone who had in hidden (whatever method was used to hide it) still have it hidden? Or has it disappeared? And if it’s disappeared, what is the reason? Could the reason be that KB5034441 took its place?

Reply | Quote

I also hid KB5012170 per Susan’s urging, and it disappeared from wushowhide for me in May or June of last year. Hasn’t been back since, so I figured MS must’ve superseded it with a monthly update that had KB5012170 in it.

1 user thanked author for this post.

WCHS

Reply | Quote

Bob99 wrote:

I also hid KB5012170 per Susan’s urging, and it disappeared from wushowhide for me in May or June of last year.

Hi WCHS:

See EP’s 18-May-2023 post # 2560271 in Susan Bradley’s May’s messy updates, which states in part:

“it appears that the KB5012170 updates can no longer be installed after installing the recent May 2023 updates, at least under most Win10/Win11 versions that I’m using….”

Just FYI, Windows Update successfully installed KB5012170 on my (then) Win 10 Pro v22H1 machine on 12-Aug-2022 and didn’t trigger a request for my BitLocker recovery key after my system restarted, but my BitLocker drive encryption was turned OFF at the time.
————-
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.3930 * Firefox v122.0.0 * Microsoft Defender v4.18.23110.3-1.1.23110.2 * Malwarebytes Premium v4.6.8.311-1.0.2249 * Macrium Reflect Free v8.0.7783

1 user thanked author for this post.

WCHS

Reply | Quote

Thanks for the answers here — that Microsoft has pulled it. I’m still a bit confused about this, though, because it’s still listed in the Master Patch list.

Reply | Quote

WCHS wrote:

Thanks for the answers here — that Microsoft has pulled it…

Hi WCHS:

Perhaps “re-issued” is a more accurate description.

I’m not sure it’s correct to say that KB5012170 was permanently pulled by Microsoft, since the security feature bypass vulnerability in Secure Boot that is patched by KB5012170 (see the security advisory ADV200011 – Microsoft Guidance for Addressing Security Feature Bypass in GRUB) might still require patching on systems that did not install KB5012170 when it was originally released in August 2022. The Known Issues section of the release notes <here> for KB5012170 states that some issues with installation of KB5012170 were eventually resolved by installing “the Servicing Stack Update (SSU) released March 14, 2023, or a later SSU update“.

If you search the Microsoft Update Catalog at https://www.catalog.update.microsoft.com/Search.aspx?q=KB5012170 x64-based you will see that many 64-bit standalone installers for KB5012170 were re-issued for Win 10 / Win 11 (v20H2 and higher) on 11-Apr-2023 after the March 2023 SSU was released. Here are the standalone installers currently offered on the Microsoft Update Catalog for the subset of systems with 64-bit Win 10.

If I check the package details for the KB5012170 updates that were re-issued on 11-Apr-2023 there is also nothing to indicate that that KB5012170 has been superseded (replaced) by a newer update with a higher KB number.

All I can tell you is that there are other users in this AskWoody forum who have reported that if they used a tool like WUshowhide to hide the KB5012170 update prior to applying their August 2022 Patch Tuesday updates then this update was not offered again after they unhid KB5012170 after the March 2023 SSU was released.

However, I don’t know if that means that there is a glitch in WUshowhide, or if Microsoft improved the logic of the re-issued KB5012170 installers that does a better job of determining if the system is actually vulnerable to the exploits described in ADV200011 and still requires KB5012170.

EDIT:

I also noticed that the latest KB5012170 installer offered <here> in the Microsoft Update Catalog for Win 10 v22H2 is listed as “2022-12 Security Update for Windows 10 Version 22H2 for x64-based Systems (KB5012170)” (i.e., not 2022-08 like installers for other 64-bit Win 10 versions).  Perhaps the KB5012170 installer for 64-bit Win 10 v22H2 was re-offered in Dec 2022 with minor improvements after the Win 10 v22H2 Feature Update was released in October 2022.
————
Dell Inspiron 15 5584 * 64-bit Win 10 Pro v22H2 build 19045.3930 * Firefox v122.0.1 * Microsoft Defender v4.18.23110.3-1.1.23110.2 * Malwarebytes Premium v4.6.8.311-1.0.2259 * Macrium Reflect Free v8.0.7783

Reply | Quote