Windows 11 – GARYTOWN ConfigMgr Blog

PowerShell Script – KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932

April 19, 2024April 18, 2024 by gwblok

Required Reading: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 – Microsoft Support Related: Words of Warning Once you’ve applied the mitigations outlined in the KB, the device is difficult to work with when it comes to boot media / reimaging. Personally, I’d only do this on some … Read more

ConfigMgr Task Sequence – KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932

April 19, 2024April 16, 2024 by gwblok

Required Reading: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 – Microsoft Support Words of Warning Once you’ve applied the mitigations outlined in the KB, the device is difficult to work with when it comes to boot media / reimaging. Personally, I’d only do this on some … Read more

ARM64 – Creating your WinPE

February 8, 2024 by gwblok

TLDR: Script on GitHub: garytown/OSD/ARM64/Create-WinPEARM64.ps1 NOTE, this will be the first of a few posts dealing with my ARM devices experience. I now have a single ARM test device (consumer grade Samsung Galaxy Book Go – NP340XLA-KA1US) and hopefully a MS Surface device soon, and eventually some yet to be released HP devices. Future posts … Read more

KB5025885: Dealing with CVE-2023-24932 for your ConfigMgr boot images.

April 22, 2024May 12, 2023 by gwblok

Update 4/22/24 – Everything Change in April 2024 – Please see my recent posts:KB5025885 – Updating your USB Boot Media – Leveraging OSD Module Rest of this page is basically obsolete at this point. Leaving here for link backs. Update 9/19/23. Updated ADK Released! https://learn.microsoft.com/en-us/windows-hardware/get-started/adk-install#download-the-adk-for-windows-11-version-22h2-updated-september-2023 I recently wrote a post for how to apply the … Read more

Windows SafeGuard Hold ID Lookup – Crowd sourced

October 3, 2022 by gwblok

Hey Team, I’m working on building out a safeguard hold database to easy lookup safeguard hold IDs. Currently I’ve scratched together 100 safeguard hold ids with information. What is a Safe Guard hold? Microsoft uses quality and compatibility data to identify issues that might cause a Windows client feature update to fail or roll back. … Read more