What happens if Microsoft's keys are stolen?
I mean, suppose that Microsoft's keys are stolen and used to sign malware. Microsoft will revoke those keys and provide HW vendors with the updated keys, but probably not all of them will provide a firmware update with the keys, or maybe the user doesn't know what the heck a "firmware update" is and how to do it (in fact, some HW vendors aren't responsible for firmware updates).
In that case, will the user be locked down with a computer that can't boot even the OS it was shipped with?
What am I missing here?
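As an added illustration (not part of the question or any answer), here is a constructed model of the Secure Boot policy decision the scenario hinges on: firmware allows an image only if its signer is in the `db` allow-list and neither the signer nor the image hash is in the `dbx` deny-list. Signers are string labels standing in for X.509 certificates, and the CA label, image bytes and hashes are all constructed; real firmware verifies Authenticode signatures, which this model omits.

```python
"""Simplified model of UEFI Secure Boot image verification (constructed
example). Models only the policy logic: db allow-list, dbx deny-list,
dbx entries may be certificates or image hashes, and dbx wins."""
import hashlib
from dataclasses import dataclass


@dataclass
class Image:
    name: str
    data: bytes
    signer: str  # label of the certificate that signed this image (stand-in for X.509)

    def sha256(self) -> str:
        return hashlib.sha256(self.data).hexdigest()


@dataclass
class Firmware:
    db: set   # trusted signer certificates (allow-list)
    dbx: set  # revoked certificates and/or revoked image hashes (deny-list)


def boot_allowed(fw: Firmware, img: Image) -> bool:
    """Image boots only if nothing in dbx matches it and its signer is in db."""
    if img.signer in fw.dbx or img.sha256() in fw.dbx:
        return False
    return img.signer in fw.db


# Constructed actors: the OEM-shipped OS loader and two malware loaders all
# signed under the same (hypothetically stolen) CA label.
CA = "MS-UEFI-CA (hypothetical label)"
SHIPPED_OS = Image("shipped-os-loader", b"bootmgfw", CA)
MALWARE = Image("malware-loader", b"evil-boot", CA)
MALWARE_V2 = Image("malware-loader-v2", b"evil-boot-2", CA)


def scenarios() -> dict:
    """Boot outcome for each firmware state in the question's scenario."""
    stale = Firmware(db={CA}, dbx=set())                       # vendor never shipped a dbx update
    cert_revoked = Firmware(db={CA}, dbx={CA})                 # the whole CA is revoked
    hash_revoked = Firmware(db={CA}, dbx={MALWARE.sha256()})   # only the known bad binary is revoked
    return {
        "stale/shipped_os": boot_allowed(stale, SHIPPED_OS),                # True
        "stale/malware": boot_allowed(stale, MALWARE),                      # True: exposure
        "cert_revoked/shipped_os": boot_allowed(cert_revoked, SHIPPED_OS),  # False: locked out
        "cert_revoked/malware": boot_allowed(cert_revoked, MALWARE),        # False
        "hash_revoked/shipped_os": boot_allowed(hash_revoked, SHIPPED_OS),  # True
        "hash_revoked/malware": boot_allowed(hash_revoked, MALWARE),        # False
        "hash_revoked/malware_v2": boot_allowed(hash_revoked, MALWARE_V2),  # True: per-hash revocation does not cover new signatures
    }
```

The three firmware states show the trade-off behind the question: a stale dbx boots the malware, revoking the whole CA also blocks the shipped OS, and revoking individual hashes keeps the shipped OS bootable but only covers binaries already known.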