Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) used by Windows could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads.
Source: Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass TherMite