Security researchers MY123 and Slipstream discovered a flaw that allowed the Secure Boot to bypass devices that use Windows.
According to Microsoft's description, Secure Boot is a security protocol developed jointly with members of the PC industry that is included in the UEFI firmware and helps your computer, laptop ή smartphone σας κατά τη procedure της εκκίνησης.
Secure Boot was created to protect the computer from malware that modifies the boot process, and its role is to prevent violations of files loaded at startup.
Researchers MY123 and Slipstream have discovered that after the release of Windows 10 1607 Redstone, Microsoft added a new type of Secure Boot policy, which it calls a "supplemental" policy.
The researchers claim that the complementary policy can be used to apactivation της ασφαλής λειτουργίας εκκίνησης που ελέγχει αν τα αρχεία που εκτελέστηκαν κατά τη διάρκεια της εκκίνησης είναι κρυπτογραφημένα με την ψηφιακή υπογραφή της Microsoft.
This policy allows an attacker to turn Secure Boot into a test mode called "testsigning", which allows unsigned executables to be loaded onto the device, thus taking control of each computer.
Most likely, this policy was added during the Windows 10 development process so that the unsigned developer drivers can load the Windows 10 trial versions.
Nevertheless, this policy has remained, and so Secure Boot acts as a backdoor, allowing third parties to access each device.
Meanwhile, someone leaked to the internet the "testing" policy that allows anyone to load it with the UEFI firmware and bypass the Secure Boot of protected devices.
The researchers had revealed the problem to Microsoft, which initially did not want to make it for reasons that were not disclosed.
The company later seems to have changed its mind and the patches released in July corrected the issue (MS16-096).
Researchers have said, however, that the update can not fully fix the problem.
Researchers also said:
"About the FBI: You readers, this is a perfect example of why the idea of backdooring cryptography with a 'secure golden key' is very bad!"
What does this mean; The US authorities have always been looking for a backdoor on every system that is connected to the internet. Privacy advocates have always mentioned the backdoors' dangers, as if US services can use them, everyone with the necessary knowledge or even a little luck.
https://rol.im/securegoldenkeyboot/
