1. Insecure Default Secure Boot Policy for Option ROMs

Description:

In order to help prevent vulnerabilities in secure boot implementations, the default policy for Option ROMs was changed to a more secure value.

Recommendation:

This issue is addressed by EDK2 SVN https://sourceforge.net/p/edk2/code/14607

Acknowledgments:

Reported by the Advanced Threat Research team at Intel Security.