News
Microsoft Secure Boot Has Been Bypassable for a Decade Via Unrevoked Shims
Ars Technica reports that old, forgotten bootloader 'shims' Microsoft never revoked make Secure Boot bypasses trivial — a flaw that has existed for most of the feature's life. Secure Boot is the root of trust that measured-boot and disk-encryption attestation chains depend on, so this undermines assumptions baked into enterprise device compliance. Landed the same week as a record Patch Tuesday plus an actively exploited Windows 0-day.
Source
↳ Follow the thread