1. Insecure Default Secure Boot Policy for Option ROMs
In order to help prevent vulnerabilities in secure boot implementations, the default policy for Option ROMs was changed to a more secure value.
Reported by the Advanced Threat Research team at Intel Security.