Just ran across this. Not sure what it means for Open Source bootloaders.

"The key basically allows anyone to bypass the provisions Microsoft has
put in place ostensibly to prevent malicious versions of Windows from
being installed, on any device running Windows 8.1 and upwards with
Secure Boot enabled."

http://arstechnica.com/security/2016/08/microsoft-secure-boot-firmware-snafu-leaks-golden-key/