• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents

2

Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich

3

Trump embraces Australian retirement system backed by Larry Fink

1

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents

2

Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich

3

Trump embraces Australian retirement system backed by Larry Fink
TechMicrosoft

Uh-oh! Microsoft Leaks ‘Golden Keys’ to Windows Devices

Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
August 11, 2016, 6:08 PM ET
Sunni Mosques Closed In Baghdad
BAGHDAD, IRAQ - MAY 21: An Iraqi mosque caretaker locks the gate of al-Qazaz Sunni mosque May 21, 2005 in Baghdad, Iraq. Sunnis clerics announced a closing of Sunni mosques across Baghdad in protest of killings of Sunni clerics that some have blamed on Shiite militias. (Photo by Wathiq Khuzaie/Getty Images)Wathiq Khuzaie—Getty Images
Add Fortune on Google for similar content.

Microsoft (MSFT) messed up.

The tech giant inadvertently leaked a “backdoor” means to digitally bypass Secure Boot, a firmware component designed to keep its devices sealed. Anyone with administrator rights who possesses the “golden keys,” as security researchers have described their finding, can load whatever operating system they please—Google’s (GOOG) Android or Linux, say—onto an otherwise restricted Windows device, such as a Windows Phone, Windows RT tablet, or HoloLens.

Someone with physical access to one of these devices can also use the tool to load malicious software, such a so-called rootkit, onto it, giving that person full control over the system. (It’s worth noting that Windows PCs and servers are typically not locked with Secure Boot.)

Get Data Sheet, Fortune’s technology newsletter.

The security researchers who uncovered the code—they go by the aliases “MY123” and “Slipstream”—appear to have found it idly preloaded onto Microsoft devices, as The Register reports. Microsoft presumably designed the tool for internal debugging purposes, so that its engineers could circumvent the usual operating system checks that normally confirm whether a system is booting with Redmond-approved software. It was a short-cut for developers, in other words.

You can read the pair’s jarringly presented write-up here. Be warned that it includes twitchy graphics and blaring chiptune music. Or if you prefer a more readable version, you can peruse this text-only version on Pastebin.

For more on Microsoft technology accidents, watch:

“You can see how this is very bad!!” wrote Slipstream, author of the post. “A backdoor, which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!”

The hacker continued on a policy soapbox, haranguing the Federal Bureau of Investigation for advocating that tech companies grant law enforcement “backdoor” access to their products. The so-called encryption debate that Slipstream alludes to was on full display earlier this year when the FBI duked it out with Apple (AAPL) in a fight to gain access to a deceased terrorist’s iPhone.

“This is a perfect real world example about why your idea of backdooring cryptosystems with a ‘secure golden key’ is very bad!” he said. (The hackers’ finding, for what its worth, has less to do with encryption than it has to do with “backdoors” generally.)

According to Slipstream, the researchers reported the vulnerability to Microsoft in March. The company, after apparently dismissing their work initially, paid them a bug bounty reward and issued a patch (MS16-094) a few months later.

Here’s Why Apple Is Going To War Over FBI ‘Backdoor’ Order

But that wasn’t the end of the story. The pair then demonstrated how to bypass that fix, forcing Microsoft to issue another patch this month (MS16-100)—and even that may not be enough to solve the problem.

The hackers appear to be convinced that the issue will persist, despite Microsoft’s best efforts. It would “be impossible in practise [sic] for MS to revoke every bootmgr”—the code that guides the earliest stages of a computer’s startup sequence— Slipstream wrote, “as they’d break install media, recovery partitions, backups, etc.”

A Microsoft spokesperson provided Fortune with a statement downplaying the risk: “The jailbreak technique described in the researchers’ report on August 10 does not apply to desktop or enterprise PC systems. It requires physical access and administrator rights to ARM and RT devices and does not compromise encryption protections.”

Stay tuned—another patch is expected next month.

About the Author
Robert Hackett
By Robert Hackett
Instagram iconLinkedIn iconTwitter icon
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

Jony Ive (left), formerly with Apple and now with OpenAI, standing next to Laurene Powell Jobs, the widow of Apple founder Steve Jobs, at an event in 2022.
AIOpenAI
Stolen laptops, data breaches, secret moles, and recruiting-as-espionage. Here are the wildest claims in Apple’s lawsuit against OpenAI
By Emily ForliniJuly 13, 2026
2 hours ago
Elon Musk and Sam Altman are accusing each other of scamming investors as SpaceX and OpenAI jockey to lead AI revolution
AIBillionaires
Elon Musk and Sam Altman are accusing each other of scamming investors as SpaceX and OpenAI jockey to lead AI revolution
By Marco Quiroz-GutierrezJuly 13, 2026
2 hours ago
u
PoliticsSocial Media
Europe to social media platforms: make yourself safe for kids under 13, somehow
By Lorne Cook, Kelvin Chan and The Associated PressJuly 13, 2026
5 hours ago
Meta’s AI data center cost went from $10 billion to $50 billion in under 2 years—and split the town in two
Big TechMeta
Meta’s AI data center cost went from $10 billion to $50 billion in under 2 years—and split the town in two
By Sydney LakeJuly 13, 2026
5 hours ago
b
CommentaryWorld Cup
Columbia Business School professors: What the Balogun red card can teach us about AI and judgment
By Oded Netzer, Christopher Frank and Paul MagnoneJuly 13, 2026
6 hours ago
‘We are driving in the fog’: Hundreds of economists admit they’re flying blind on AI
Economydisruption
‘We are driving in the fog’: Hundreds of economists admit they’re flying blind on AI
By Nick LichtenbergJuly 13, 2026
8 hours ago

Most Popular

The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
Innovation
The U.S. spent $30 billion to ditch textbooks for laptops and tablets: The result is the first generation less cognitively capable than their parents
By Sasha RogelbergJuly 12, 2026
1 day ago
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
Big Tech
Peter Thiel and other tech billionaires are publicly shielding their children from the products that made them rich
By Marco Quiroz-GutierrezJuly 12, 2026
1 day ago
Trump embraces Australian retirement system backed by Larry Fink
Personal Finance
Trump embraces Australian retirement system backed by Larry Fink
By Brianna Sosa and BloombergJuly 12, 2026
1 day ago
Current price of oil as of July 13, 2026
Personal Finance
Current price of oil as of July 13, 2026
By Joseph HostetlerJuly 13, 2026
12 hours ago
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
Environment
Wyoming officials say Meta’s 715,000-square-foot data center is responsible for contaminating its water system with a rare bacterium
By Sasha RogelbergJuly 10, 2026
3 days ago
Russia’s economy is an 'illusion' built on debt, and a banking crisis is ready to explode, intel report says, while the Kremlin may seize pensions
Banking
Russia’s economy is an 'illusion' built on debt, and a banking crisis is ready to explode, intel report says, while the Kremlin may seize pensions
By Jason MaJuly 12, 2026
1 day ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.