* Requires the download of oscdimg.exe, courtesy of Microsoft's symbol servers.
* UDF only, since this is mostly intended for Windows and even with Joliet, Microsoft's
implementation of ISO-9660 is crippled (fails to use multi-extent for >4GB files, which
results in BROKEN ISO images) and too limited.
* Note that this is different from our other save to ISO feature (Alt-O), that dumped
the first optical media found on the system to an ISO.
* Also fix a Coverity warning as well as a possible crash in PopulateWindowsVersion()
when opening an invalid image (such as the ISO-9660 ones created by oscdimg).
* Instead of embedding the content of the most recent revoked bootloader hashes in db.h
we now parse the system's SkuSiPolicy.p7b to do so. This has the drawback of not alerting
users running Rufus on systems where SkuSiPolicy.p7b is not up to date, but I believe the
trade-off is worth it.
* We now also copy the system's SkuSiPolicy.p7b to the created media when possible (for
Windows 10 or later), so that Microsoft's WDAC UEFI revocations can apply during boot.
* Considering that alerting users to potential security breaches that may be
exploited by boot media should also be performed by application that create
them, we add detection for all the currently known revoked UEFI bootloaders,
be it the ones from the official UEFI DBX as well as the ones from Windows'
SkuSiPolicy.p7b, and warn the user when one such bootloader is detected on
their source media.
* Note that, to actually be revoked, the bootloaders flagged through SkuSiPolicy
require the copying of the .p7b to the boot media, which we are currently
not enacting but will perform in a subsequent commit.
* Also fix a Coverity warning in hash.c.