Event details
Please talk about the default versus the active database. Specifically, what are the pitfalls in continuing to use a system that has the active database updated but does not have an available OEM update for the default database.
The risk is in somebody resetting Secure Boot to defaults in the UEFI setup and having a device that does not boot or may go through BitLocker recovery.
As mentioned in the video, a countermeasure may be to set a Setup passsword for the UEFI setup so that end-users cannot mess with their settings.
