MicrosoftConsistent with my reply to your other article here https://techcommunity.microsoft.com/t5/windows-it-pro-blog/updating-microsoft-secure-boot-keys/ba-p/4055324
I cannot believe you are giving this instruction to Microsoft users:
DO NOT apply the DBX to a device without DB update through manual update, using set-securebootuefi, as the system will not boot. Specifically, this will bypass the safety checks included in our servicing tool (Windows Updates) to guard against breaking issues. Update your device by relying on our published mitigations.
From what I gather how Secure Boot works - the reason why it would break in those situations is precisely because the firmware isn't getting the right sign-off from the software which means one of these is unauthorized - ie the very reason why Secure Boot exists - and in that case, it won't boot up and breaks.
Which must mean - very strangely since you are asking users to do this on a microsoft.com site - that
1. either the new DBX you are telling us to install isn't sanctioned by Microsoft - that's why you're telling us not to do it before we apply the DB update.
2. Which also means neither the DB update is sanctioned by Microsoft too - cuz if it is, why would it be something they didn't enable automatically and had to wait for users to do it manually?
I would like to know what is going on here.
Is this Tech Community, blogs, writers and users included - in fact, the whole domain even a legit official Microsoft website to begin with or is this a malicious spoof with ill-intent?
