Clearly that the secure boot function of Windows could be avoided

BySoapbeard

Secure bootIs a function to "enable the PC to be started using only software trusted by the PC manufacturer", since the OS check is done at the time of starting the PC, it prevents other OS such as Linux from starting up . However, researchers point out that "Secure boot is dead" because "golden key" to avoid this function existed.

Secure Golden Key Boot: (MS 16 - 094 / CVE - 2016 - 3287, and MS 16 - 100 / CVE - 2016 - 3320)
(※ volume attention)https://rol.im/securegoldenkeyboot/


Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open | Ars Technica
http://arstechnica.com/security/2016/08/microsoft-secure-boot-firmware-snafu-leaks-golden-key/

Secure Boot is almost certainly dead.

- Longhorn (@ never_released)8th August 2016

Secure Boot is on its deathbed.

Writeup coming tomorrow or Wednesday.

- slipstream / RoL (@ TheWack0lian)8th August 2016

This is on Twitter "@ Never_released"(My 123) and"@ TheWack0lianWhat the user pointed out as "slipstream". The two have also opened a page to explain what this "golden key" is.

"Golden key" is a "key" to use the backdoor that Microsoft had set up for secure boot. In secure boot, restrictions are imposed on tablets and smartphones not to carelessly start operating systems other than Windows, but backdoors are prepared for developers and others who need to use other OS , Android and Linux were able to be started.

The key was found as of March 2016. Because it is also a type of vulnerability, Microsoft is using the security update "MS 16 - 094We distributed it in July.

However, because measures were insufficient, in AugustMS 16 - 100We distributed a patch called "patch" and implemented countermeasures.

The cause is due to the policy change added at the time of "Windows 10 v1607" development. The hole was empty where it was originally supposed to have been confirmed, and researchers pointed out that irony it is like Microsoft gave us a key.