Keys to BYPASS UEFI secure boot
Microsoft accidentally leaked the Secret keys to BYPASS UEFI secure boot that allows hackers to unlock devices protected by UEFI (Unified Extensible Firmware Interface) Secure Boot feature.
Secure Boot is a security feature that protects your device from certain types of malware, such as a rootkit, which can hijack your system bootloader. As well as, Secure Boot restricts you from running any non-Microsoft operating system on your device.
When Secure Boot is enabled, you will only be able to boot Microsoft approved operating systems.
However, the Golden Keys disclosed by two security researchers, using alias MY123 and Slipstream. They can be used to install non-Windows operating systems. Let’s say GNU/Linux or Android, on the devices protected by Secure Boot.
Moreover, in step with the journal post revealed by researchers, Microsoft can’t revoke the leaked keys. probably giving enforcement (such as law enforcement agency and NSA) special backdoor which will be wont to unlock Windows-powered devices in criminal cases.
The issue resides within the Secure Boot policy loading system. wherever specially signed policy hundreds early. This disables the software system signature checks, the reg reports.
This specific Secure Boot policy was created and signed by Microsoft for developers, testers, and programmers for debugging purposes.
Microsoft released August Patch Tuesday that includes a security patch for designing flaws in Secure Boot. The second time in two months, but unfortunately, the patch is not complete.