Comment 2 for bug 1401532

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

The purpose of SecureBoot is to prevent untrusted modification of firmware, thus as per SecureBoot specs no unsigned code should be called before ExitBootServices() has been called. Thus one should be targetting as to how to bypass that when booted in secure boot mode. For example the King's & Queen's Gambits vulnerabilities as presented in http://www.mitre.org/sites/default/files/publications/14-2221-extreme-escalation-presentation.pdf