/
Remove/Approve Untrusted Boot Components
Remove/Approve Untrusted Boot Components
- Former user (Deleted)
Owned by Former user (Deleted)
Description:
With Secure Boot enabled, all OS boot components (boot loader, kernel, kernel drivers) must be signed by trusted publishers. Security Center has identified untrusted OS boot components on one or more of your Linux machines. To protect your machines from potentially malicious components, add them to your allow list or remove the identified components.
Remediation:
Investigate the untrusted boot components. If they are legitimate, add them to the allow list. Otherwise, remove them.
Reference:
More detail on the concept of Secure Boot can be found here: https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-secure-boot
, multiple selections available,
Related content
Secure Boot Should be Enabled on Supported Windows Virtual Machines
Secure Boot Should be Enabled on Supported Windows Virtual Machines
More like this
Linux Virtual Machines Should Use Secure Boot
Linux Virtual Machines Should Use Secure Boot
More like this
Guest Attestation Extension Should be Installed on XYZ
Guest Attestation Extension Should be Installed on XYZ
More like this
Linux Virtual Machines Should Enforce Kernel Module Signature Validation
Linux Virtual Machines Should Enforce Kernel Module Signature Validation
More like this
Virtual Machines Guest Attestation Status Should be Healthy
Virtual Machines Guest Attestation Status Should be Healthy
More like this
Windows Defender Exploit Guard Should be Enabled on Your Machines
Windows Defender Exploit Guard Should be Enabled on Your Machines
More like this