A TALE OF ONE SOFTWARE BYPASS OF WINDOWS 8 SECURE BOOT

Black Hat USA 2013

Presented by: Oleksandr Bazhaniuk, Yuriy Bulygin, Andrew Furtak
Date: Wednesday July 31, 2013
Time: 11:45 - 12:15
Location: Palace 1

Windows 8 Secure Boot, based on UEFI 2.3.1 Secure Boot, is an important step towards securing platforms from malware that compromises the boot sequence before the OS. However, there are certain mistakes platform vendors shouldn't make, which can completely undermine the protections offered by Secure Boot. We will demonstrate an example of a full software bypass of Windows 8 Secure Boot due to such mistakes on some of the latest platforms and explain how those mistakes can be avoided.

Yuriy Bulygin

Yuriy Bulygin is Chief Threat Architect for a Fortune 50 company, where over the last 7 years he has enjoyed analyzing the security of everything from OS to CPU microcode and hardware. He is now leading a security threat research team advancing research in security threats to modern PC, mobile, and embedded platforms and protections against those.

Andrew Furtak

Andrew Furtak is a security researcher focusing on security analysis of firmware and hardware of modern computing platforms, and was previously a security software engineer. Andrew holds an MS in Applied Mathematics and Physics from Moscow Institute of Physics and Technology.

Oleksandr Bazhaniuk

Oleksandr Bazhaniuk is a security researcher and reverse engineer with a background in automation of binary vulnerability analysis. He is also a co-founder of DCUA, the first DefCon group in Ukraine.

