Locked Down Windows Computers Will No Longer Be Able to Install And Boot Linux
Microsoft closed a back door that was left open in Windows RT–Windows 8.x ported to devices with 32-bit ARMv7 processors –computers with which developers and hackers could boot non-Microsoft approved OSes, just this last Tuesday in its latest Patch security update
This vulnerability in ARM-powered Windows devices (which were locked down) was obviosuly left by Windows programmers during the development process and developers were able to boot OSes of their choice including Android or GNU/Linux by exploiting this flaw.
If you know about the devices that run on Windows RT then you probably also know that these devices run on only the OSes that have been cryptographically signed by Microsoft, and as expected, many Linux Microsoft customers who have failed to boot non-Microsoft software on the slabs are frustrated by this approach.
One way to bypass Microsoft’s boot mechanism is hot cake because the Redmond giant will be killing their support for Surface RT tablets in 2017 and Windows RT 8.1 in 2018.
After a lot of brainstorming, curious developers have been able to spot a “hole” through which they can bypass Microsoft’s boot mechanism. If you would like to know about this backdoor then you should also know that it involves a specially crafted policy –it is aeons far from the common registry hack.
Read what Microsoft had to say about this change:
A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.
This security hole (which was spotted by The Register) has now been patched up by Microsoft via their MS16-094 update which was released this week. In other words, if you were planning to install some other OS on your Windows RT tablet -avoid this update.