Two security researchers have publicly revealed issues in the Secure Boot security software that's included in many Windows devices. Attackers could, in theory, exploit this issue and bypass Secure Boot to install bootkits and rootkits on those devices.
The researchers posted their findings in a rather noisy and retro-styled website earlier this week. Microsoft started using Secure Boot with Windows 8, and it is supposed to confirm that the bootloader can only run on that system. It was designed to keep malware or rootkits from booting on a device as well.
However, the researchers found that someone had leaked a Microsoft-created policy, meant just for developers for debugging, on the internet:
A backdoor, which MS put into Secure Boot because they decided to not let the user turn it off in certain devices, allows for Secure Boot to be disabled everywhere.
The researchers informed Microsoft of this Secure Boot issue earlier this year. ZDNet reports that Microsoft has since released two patches to fix this issue; one arrived in July and another earlier this week. A third patch is due for release in September. Even with these attempts to solve this problem, the researchers believe it will not be possible to fix this flaw in every Windows device that uses Secure Boot.
