Comment by lrvick

Microsoft could have done key backups to secure enclaves that will only return them to a user able to produce valid signatures using a backup code or otherwise they hold. Hell they were the ones that normalized remote attestation.

But Microsoft chose to keep them plain text, and thus they are, and will continue to be abused.

We must not victim blame. This is absolutely corruption on microsofts part.