Windows 8 970 Published by

Neowin posted a story that researchers showed off how they were able to bypass the Secure Boot system in Windows 8 in two separate exploits at the Black Hat conference last week in Las Vegas



With the launch of Windows 8 in 2012, Microsoft also put in a new secure boot system in the OS that was not only supposed to be faster than previous versions of Windows but much more secure. Last week, researchers at the Black Hat conference in Las Vegas demonstrated two exploits that could allow hackers to bypass the Secure Boot system in order to install an Unified Extensible Firmware Interface (UEFI) bootkit.

In theory, UEFI PCs can only boot up software that have the proper digital signatures to prevent malware from being booted up as well, as shown in the above diagram. ITWorld.com reports that the the researchers (Andrew Furtak, Oleksandr Bazhaniuk and Yuriy Bulygin) showed their two exploits were able to work not because of issues with the Secure Boot setup but because PC vendors have made errors in their own implementation of UEFI.
  Windows 8 Secure Boot bypassed thanks to sloppy OEM implementation