On Wednesday, the computer security researchers Andrew Furtak, Oleksandr Bazhaniuk and Yuriy Bulygin exhibited two exploits of secure Boot of windows 8 at the Black Hat USA security conference in Las Vegas
They showed how two attacks can be done on the systems that sidestepped Secure Boot in order to install a UEFI boot kit on marked computer systems. It is possible not due to exposures in Secure Boot itself, but as a result of UEFI implementation errors committed by platform vendors.
The team of scientists revealed that the bypassing of Windows 8 Secure Boot system on some PCs from specific manufacturers is due to lapses of those vendors in implementing the Unified Extensible Firmware Interface (UEFI) specification .
The researcher Bulygin of McAfee.said that some dealers do not properly secure their firmware thereby permitting an attacker to amend the code accountable for enforcing Secure Boot, They demonstrated kernel-mode exploit on an Asus Vivo Book Q200E laptop and said some motherboards of the said laptop are,also,affected. He said that the Asus circulated BIOS updates for some motherboards except Vivo Book.
According to the scientists in the field, the manipulates demonstrated at Black Hat are designed to modify the platform key but it needs to be executed in kernel mode for execution. A remote attacker would have to find a way to execute code in kernel mode on the targeted computer.
The second exploit can run in user mode and an attacker would only need to gain code execution rights on the system by manipulating a weakness in a regular software application like Java, Adobe Flash, Microsoft Office or similar others.
Bulygin said that in spite of these short comings Secure Boot is still a great step forward