I

n its latest Patch Tuesday security update, Microsoft closed a backdoor left open in Windows RT–Windows 8.x ported to devices with 32-bit ARMv7 processors–computers that allowed developers and hackers to boot non-Microsoft approved operating systems.

This vulnerability in ARM-powered locked down Windows devices was left by Redmond programmers during the development process. Exploiting this flaw, one was able to boot operating systems of his/her choice, including Android or GNU/Linux.

If you are aware of the Windows RT-powered devices, you might be knowing that these devices only run the operating system cryptographically signed by Microsoft. As expected, this approach frustrated some Linux Microsoft customers who failed to boot non-Microsoft software on these slabs.

A way to bypass Microsoft’s boot mechanism is highly sought because Microsoft is killing the support for Surface RT tablets in 2017 and Windows RT 8.1 in 2018.

After much effort, the curious developer minds were able to spot a medium to bypass Microsoft’s boot mechanism. If you are curious to know about this backdoor, let me tell you that it involves a specially crafted policy–don’t confuse it with some registry hack.

Here’s what Microsoft has to say about this change:

A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.

Spotted by The Register, this security hole has been patched by Microsoft with the update MS16-094 released this week. So, if you are planning to install some other operating system on your Windows RT tablet, avoid this update.

Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.

Also Read: Microsoft Loves Linux — Microsoft And SUSE Linux Announce Major Collaboration