←back to thread

Microsoft reports several bootloader vulnerabilities

(www.microsoft.com)
91 points hacknslack | 1 comments | 31 Mar 25 18:25 UTC | HN request time: 0s | source
Show context
greatgib ◴[04 Apr 25 06:57 UTC] No.43579115[source]
To start with, security of "secure boot" there is a joke because anyway all os have to be signed by Microsoft itself. So anyone with they certificate key can do whatever they want.

And btw, not that long ago it was released by researchers than more than 200 platforms from diverse but main laptops and servers manufacturers were still using leaked keys for signing their boot loaders...

replies(3): >>43579395 #>>43579617 #>>43582898 #
1. vladvasiliu ◴[04 Apr 25 07:50 UTC] No.43579395[source]
Some PCs are able to use your own keys, which can be used to sign your bootloader. This has worked well for me with various HP computers (EliteBooks and EliteDesks). One of those, which only runs Linux, will refuse to boot the Windows installer. On my work laptop, I've also added the Windows key (not the 3rd party one) so I can dual-boot.

I understand some computers may not support this as well, so YMMV.