| skipped 63 lines |
64 | 64 | | No known vulnerable boot application has been revoked yet. |
65 | 65 | | - Until revocation happens, an attacker can just bring their own vulnerable bootloader(s). |
66 | 66 | | - Revocation would cause all existing Windows installation/recovery media, and old backups, to fail to boot. |
67 | | - | |
| 67 | + | - Boot failure would occur even with Secure Boot disabled due to `bootmgr` checking its own signature. |
68 | 68 | | |