Oops: Microsoft accidentally leaked a Secure Boot backdoor

Posted on Friday, Aug 12 2016 @ 00:50 CEST by Thomas De Maesschalck
It appears Microsoft has defeated the protection offered by Secure Boot, as the company inadvertently leaked a so-called "golden key", a mechanism that enables users to bypass this boot security system. The bypass allows a policy that loads an unsigned operating system to be merged into an otherwise valid policy, and was likely used so Microsoft developers could easily load unsigned code.

On the bright side, this makes the installation of Linux or other operating systems easier on a variety of devices, but the bad news is that this threatens to make Secure Boot useless against advanced bootkits and rootkits.
You can see how this is very bad!! A backdoor, which MS put in to secure boot because they decided to not let the user turn it off in certain devices, allows for secure boot to be disabled everywhere!

You can see the irony. Also the irony in that MS themselves provided us several nice "golden keys" (as the FBI would say ;-) for us to use for that purpose.

About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears. You seriously don't understand still? Microsoft implemented a "secure golden key" system. And the golden keys got released from MS's own stupidity. Now, what happens if you tell everyone to make a "secure golden key" system? Hopefully you can add 2+2...
The golden keys were discovered in March 2016 by my123 and slipstream. They created a cheesy website that explains what this is about; you can visit it over here. It seems Microsoft put this in Windows 10 Anniversary Update for debugging purposes but accidentally forgot to remove it from the production versions.

Microsoft attempted to patch it but the researchers claim the patch doesn't do anything useful. In fact, they doubt whether Microsoft will be able to rectify this big snafu as that would break install media, recovery partitions, backups, etc.

