Hackers manage to unlock Windows RT tablets and run non-Windows OS

The latest Patch Tuesday update killed a major vulnerability that could have potentially let hackers unlock ARM-powered Windows RT tablets and install non-approved Windows programs. Fortunately for Windows RT tablet owners, Microsoft’s security engineers discovered this vulnerability before hackers exploited it.

The vulnerability would have allowed hackers to unlock the slab’s bootloader and load any operating system they wanted. Windows RT accepts only boot software cryptographically signed by Microsoft, which prevents users from running non-Windows OS on their RT tablets.

Many users have long been trying find a workaround to install Linux, Android and other OSs on their Windows RT tablet, to no avail. Apparently, they didn’t know where to look as it appears the vulnerability allowing them to do just that had been under their noses all the time.

A security feature bypass vulnerability exists when Windows Secure Boot improperly applies an affected policy. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-signed executables and drivers to be loaded on a target device. In addition, an attacker could bypass the Secure Boot Integrity Validation for BitLocker and the Device Encryption security features.

To exploit the vulnerability, an attacker must either gain administrative privileges or physical access to a target device to install an affected policy. The security update addresses the vulnerability by blacklisting affected policies.

Windows RT has been a dying OS ever Microsoft decided to stop improving it. Mainstream support for the Surface RT is scheduled to end in 2017, while Windows RT 8.1 will be abandoned in 2018.

For more information about the content of the latest Microsoft Security Bulletin, check out Microsoft’s Security Page.