UEFI bootkit

[Mike Wright]

And in today's news:

http://www.theregister.co.uk/2012/09/19/win8_rootkit/

A few things in particular stood out to me:

1)  "Writing a bootkit couldn't be an easier task for virus writers with 
the UEFI framework available, much easier than before when they needed 
to code in pure assembly."

2) "... unless SecureBoot is used to ensure that only digitally signed 
UEFI bootloaders can be executed at the system bootup.

3) "... enabling SecureBoot by default effectively limits user choice."

Great!  MS shoots self in foot, others in head.  We saw it coming :/