Sunday August 14, 2016

Microsoft Leaks Backdoor Keys To UEFI Secure Boot

Microsoft has shown why backdoors may be a bad idea after accidentally shipping its "golden keys" to Secure Boot, which would allow someone to unlock any Windows device protected by the feature and run any OS they wish -- or, for the more nefarious, bootkits/rootkits at the deepest level. Microsoft has responded, claiming that desktop or enterprise systems are not affected.

Microsoft's Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware, which is meant to ensure each component of the system boot process is signed and validated. When Secure Boot is fully enabled, it also prevents users from booting other operating systems that take their fancy. In addition, there are specific systems and devices -- such as Windows RT and Windows Phone -- where Secure Boot cannot otherwise be disabled by the user. Secure Boot works in tandem with particular policies which are read and obeyed by the Windows boot manager. For testing and tweaking purposes, Microsoft has one particular boot policy which loads early on and disables operating system checks.