TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Microsoft Secure Boot key leaks online, opens firmware to attackers

Security researchers, MY123 and Slipstream, have revealed a major security lapse by Microsoft. The two found that Microsoft accidently leaked keys that allow users to unlock any devices which are protected by Secure Boot.

Secure Boot which was added as a security guard in Windows 8.1 and above, is a feature of UEFI (Unified Extensible Firmware Interface) that ensures that each component loaded during the boot process is digitally signed and validated. Secure boot makes sure that your PC boots using only software that is trusted by the PC manufacturer or the user.

Secure Boot
Microsoft Secure Boot key leaks

Secure boot prevents other users on running other operating systems on Windows systems through policies and rules governed by Windows Boot manager. These boot policies are in fact loaded early on and they also disable any operating system checks. While this feature is good for developers and gives them the freedom to install any other operating systems such on Linux on Windows RT and Windows Phone, it also means that attackers with physical access to a PC can install any malware they want.

Apparently, the boot policy has been leaked online and can be employed by users with admin access to sneak into the PC bypassing Secure Boot.

The researchers wrote,

“You can see the irony. Also the irony in that MS themselves provided us several nice “golden keys” (as the FBI would say 😉 for us to use for that purpose 🙂
About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a “secure golden key” is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears. You seriously don’t understand still? Microsoft implemented a “secure golden key” system. And the golden keys got released from MS own stupidity. Now, what happens if you tell everyone to make a “secure golden key” system? Hopefully you can add 2+2…”

Responding to Researchers on the leaks, Microsoft originally declined to issue a fix, but later came out with 2 fixes, one in the month of July and another this month. Researchers say that even after the 2nd fix, issue is not mended fully as it is impossible for Microsoft to revoke every bootmgr earlier than a certain point, as they’d break install media, recovery partitions, backups, etc. They expect Microsoft to come up with a 3rd fix soon.

Updated on Tags:

AnkitGupta@TWCN

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap