A Tale of One Software Bypass of Windows 8 Secure Boot presented at BlackHatUSA 2013

by Yuriy Bulygin, Andrew Furtak, Oleksandr Bazhaniuk,

Summary : Windows 8 Secure Boot based on UEFI 2.3.1 Secure Boot is an important step towards securing platforms from malware compromising boot sequence before the OS. However, there are certain mistakes platform vendors shouldn't make which can completely undermine protections offered by Secure Boot. We will demonstrate an example of full software bypass of Windows 8 Secure Boot due to such mistakes on some of the latest platforms and explain how those mistakes can be avoided.