Insecure UEFI Boot

So far, what is known to me is that UEFI boot is not very secure. There's a few reasons why, and various tests have been done for proof of concept.

A team of security researchers at ITSEC were able to create what they called a "UEFI bootkit" and this was designed to specifically blast Windows 8. What makes this flaw a big issue in my opinion is it's ability to bypass the PatchGuard (kernel patch protection) and Driver Signature Enforcement policies in the Windows kernel, and can overwrite the original UEFI bootloader.

 

Not on UEFI boot though for Windows 8. It was adopted back when Windows 7 was around, but only started to become recognized with Windows 8's release. Apparently it's significance on Windows 8 has not been fully patched though.

And Secure Boot was enabled here. Testing on a virtual machine doesn't mean that it doesn't go through a similar boot process; bootloader and all drivers are still loaded. The only difference between the BIOS and UEFI is that the mode switches from 16bit to 32/64bit depending on the OS that is being loaded from pre-boot to the main secure desktop, in UEFI this process is not dependent on 16 bit mode supported by x86 processors like the BIOS is as it was designed for this architecture.

If you read up on UEFI, this is all it is:

 

I can't edit my previous post anymore, but these bypasses never used to be as critical with the regular BIOS, as seen in UEFI boot. You can't skip the boot process and get into Windows normally though, so it's either the BIOS, or UEFI regardless. UEFI boot is an option though...