• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
TechMicrosoft

Uh-oh! Microsoft Leaks ‘Golden Keys’ to Windows Devices

Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
Robert Hackett
By
Robert Hackett
Robert Hackett
Down Arrow Button Icon
August 11, 2016, 6:08 PM ET
Sunni Mosques Closed In Baghdad
BAGHDAD, IRAQ - MAY 21: An Iraqi mosque caretaker locks the gate of al-Qazaz Sunni mosque May 21, 2005 in Baghdad, Iraq. Sunnis clerics announced a closing of Sunni mosques across Baghdad in protest of killings of Sunni clerics that some have blamed on Shiite militias. (Photo by Wathiq Khuzaie/Getty Images)Wathiq Khuzaie—Getty Images
Add Fortune on Google for similar content.

Microsoft (MSFT) messed up.

The tech giant inadvertently leaked a “backdoor” means to digitally bypass Secure Boot, a firmware component designed to keep its devices sealed. Anyone with administrator rights who possesses the “golden keys,” as security researchers have described their finding, can load whatever operating system they please—Google’s (GOOG) Android or Linux, say—onto an otherwise restricted Windows device, such as a Windows Phone, Windows RT tablet, or HoloLens.

Someone with physical access to one of these devices can also use the tool to load malicious software, such a so-called rootkit, onto it, giving that person full control over the system. (It’s worth noting that Windows PCs and servers are typically not locked with Secure Boot.)

Get Data Sheet, Fortune’s technology newsletter.

The security researchers who uncovered the code—they go by the aliases “MY123” and “Slipstream”—appear to have found it idly preloaded onto Microsoft devices, as The Register reports. Microsoft presumably designed the tool for internal debugging purposes, so that its engineers could circumvent the usual operating system checks that normally confirm whether a system is booting with Redmond-approved software. It was a short-cut for developers, in other words.

You can read the pair’s jarringly presented write-up here. Be warned that it includes twitchy graphics and blaring chiptune music. Or if you prefer a more readable version, you can peruse this text-only version on Pastebin.

For more on Microsoft technology accidents, watch:

“You can see how this is very bad!!” wrote Slipstream, author of the post. “A backdoor, which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!”

The hacker continued on a policy soapbox, haranguing the Federal Bureau of Investigation for advocating that tech companies grant law enforcement “backdoor” access to their products. The so-called encryption debate that Slipstream alludes to was on full display earlier this year when the FBI duked it out with Apple (AAPL) in a fight to gain access to a deceased terrorist’s iPhone.

“This is a perfect real world example about why your idea of backdooring cryptosystems with a ‘secure golden key’ is very bad!” he said. (The hackers’ finding, for what its worth, has less to do with encryption than it has to do with “backdoors” generally.)

According to Slipstream, the researchers reported the vulnerability to Microsoft in March. The company, after apparently dismissing their work initially, paid them a bug bounty reward and issued a patch (MS16-094) a few months later.

Here’s Why Apple Is Going To War Over FBI ‘Backdoor’ Order

But that wasn’t the end of the story. The pair then demonstrated how to bypass that fix, forcing Microsoft to issue another patch this month (MS16-100)—and even that may not be enough to solve the problem.

The hackers appear to be convinced that the issue will persist, despite Microsoft’s best efforts. It would “be impossible in practise [sic] for MS to revoke every bootmgr”—the code that guides the earliest stages of a computer’s startup sequence— Slipstream wrote, “as they’d break install media, recovery partitions, backups, etc.”

A Microsoft spokesperson provided Fortune with a statement downplaying the risk: “The jailbreak technique described in the researchers’ report on August 10 does not apply to desktop or enterprise PC systems. It requires physical access and administrator rights to ARM and RT devices and does not compromise encryption protections.”

Stay tuned—another patch is expected next month.

About the Author
Robert Hackett
By Robert Hackett
Instagram iconLinkedIn iconTwitter icon
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

How foodservice giant Sodexo is embracing AI and robotics to reshape the kitchen
NewslettersCIO Intelligence
How foodservice giant Sodexo is embracing AI and robotics to reshape the kitchen
By John KellJuly 1, 2026
9 hours ago
Anthropic CEO Dario Amodei
AIAnthropic
Anthropic’s AI models are back online after a two-week government standoff—settling the company and administration into a fragile truce
By Tristan BoveJuly 1, 2026
9 hours ago
Nikesh Arora, chief executive officer at Palo Alto Networks
SuccessJobs
CEO of $248 billion cybersecurity company says workers are about to face a ‘Darwinian moment’ thanks to AI: Evolve or get cut
By Emma BurleighJuly 1, 2026
11 hours ago
Current price of Ethereum for July 1, 2026
Personal FinanceEthereum
Current price of Ethereum for July 1, 2026
By Joseph HostetlerJuly 1, 2026
12 hours ago
In this photo illustration, a Cisco logo is displayed on a smartphone with Artificial Intellingence (AI) symbols in the background.
AICFO Daily
Cisco is rolling out AI agents to every single one of its 90,000 employees
By Sheryl EstradaJuly 1, 2026
13 hours ago
senate
CommentaryCongress
One rare bipartisan AI bill is moving through Congress. Here’s why it deserves to pass
By Neil Björkman and Betsy BrewerJuly 1, 2026
14 hours ago

Most Popular

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big Tech
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
18 hours ago
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
7 days ago
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
Success
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
By Preston ForeJune 27, 2026
5 days ago
The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
Newsletters
The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
By Diane BradyJuly 1, 2026
16 hours ago
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
Success
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
By Sydney LakeJune 29, 2026
2 days ago
Current price of oil as of July 1, 2026
Personal Finance
Current price of oil as of July 1, 2026
By Joseph HostetlerJuly 1, 2026
13 hours ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.