| author | Mattiwatti <mattiwatti@gmail.com> | 2019-10-07 06:18:45 +0200 |
|---|---|---|
| committer | Mattiwatti <mattiwatti@gmail.com> | 2019-10-07 06:18:45 +0200 |
| commit | 22cd8379cd087eb8e6f06bf20cec768acc4b490c | |
| tree | 49b4407379f2ed5d5f639c73560bdf004c449083 | |
| parent | f9270cfb3897ec68f36c5d032127aa59587356bd | |
Update README.md
 Application/Loader/Loader.c | 4
 README.md                   | 9
2 files changed, 6 insertions, 7 deletions
diff --git a/Application/Loader/Loader.c b/Application/Loader/Loader.c index a354261..1cb2cf1 100644 --- a/Application/Loader/Loader.c +++ b/Application/Loader/Loader.c @@ -475,12 +475,12 @@ TryBootOptionsInOrder( EfiSignalEventReadyToBoot(); // So again, DO NOT call this abortion: - //BmSetMemoryTypeInformationVariable((BOOLEAN)((BootOption->Attributes & LOAD_OPTION_CATEGORY) == LOAD_OPTION_CATEGORY_BOOT)); + //BmSetMemoryTypeInformationVariable((BOOLEAN)((BootOptions[Index].Attributes & LOAD_OPTION_CATEGORY) == LOAD_OPTION_CATEGORY_BOOT)); // Ensure the image path is connected end-to-end by Dispatch()ing any required drivers through DXE services EfiBootManagerConnectDevicePath(BootOptions[Index].FilePath, NULL); - // Instead of creating a ramdisk and reading the file into it (¿que?), just pass the path we saved earlier. + // Instead of creating a ramdisk and reading the file into it (¿que?), just pass the path we saved earlier. // This is the point where the driver kicks in via its LoadImage hook. EFI_HANDLE ImageHandle = NULL; Status = gBS->LoadImage(TRUE, 
@@ -3,7 +3,7 @@ EfiGuard is a portable x64 UEFI bootkit that patches the Windows boot manager, b # Features - Currently supports all EFI-compatible versions of Windows x64 ever released, from Vista SP1 to Server 2019. -- Easy to use: can be booted from a USB stick via a loader application that automatically finds and boots Windows. The driver can also be loaded and configured manually using either the UEFI shell or the loader. +- Easy to use: can be booted from a USB stick or the Windows EFI partition via a loader that automatically finds and boots Windows. The driver can also be loaded and configured manually using either the UEFI shell or the loader. - Makes extensive use of the [Zydis](https://github.com/zyantific/zydis) disassembler library for fast runtime instruction decoding to support more robust analysis than what is possible with signature matching, which often requires changes with new OS updates. - Works passively: the driver does not load or start the Windows boot manager. Instead it acts on a load of `bootmgfw.efi` by the firmware boot manager via the boot selection menu or an EFI application such as the loader. If a non-Windows OS is booted, the driver will automatically unload itself. - Supports four-stage patching for when `bootmgfw.efi` starts `bootmgr.efi` rather than `winload.efi`. This is the case when a WIM file is loaded to boot WinPE, Windows Setup or Windows Recovery mode. 
@@ -22,10 +22,9 @@ EfiGuard is a portable x64 UEFI bootkit that patches the Windows boot manager, b # Issues and limitations - EfiGuard can not disable Hypervisor-enforced Code Integrity (HVCI or HyperGuard) due to HVCI running at a greater privilege level. EfiGuard **can** coexist with HVCI and even successfully disables PatchGuard in the normal kernel, but this is not useful in practice because HVCI will catch what PatchGuard did previously. Both types of DSE bypass are rendered useless by HVCI: the boot time patch has no effect because the kernel defers to the secure kernel for integrity checks, and the `SetVariable` hook will cause a `SECURE_KERNEL_ERROR` bugcheck if it is used to write to `g_CiOptions`. - Checked kernels are not supported due to the differences in PatchGuard and DSE initialization code caused by disabled optimizations and added asserts, as well as additional changes to PatchGuard in checked kernels. This should not be an issue as checked kernels are not generally useful without a kernel debugger attached, which disables PatchGuard. -- The loader application is currently not directly bootable on some PCs (e.g. Dell XPS). In this case the UEFI shell can be used as a fallback (see below). # How to use -There are two ways to use EfiGuard: booting the loader (easiest), or using the UEFI shell to load the driver. +There are two ways to use EfiGuard: booting the loader (easiest), or using the UEFI shell to load the driver. In both cases it is possible to install EfiGuard on a secondary boot medium such as a USB stick or on the EFI system partition. Using the EFI partition has the advantage of not requiring a second boot disk, but this method is more complex to set up. It is advised to try one of the methods below first, and read the instructions in [issue #2](https://github.com/Mattiwatti/EfiGuard/issues/2#issuecomment-478998015) if you want to install EfiGuard on the EFI partition. ## Booting the loader 1. 
Download or compile EfiGuard, go to `EFI/Boot` and rename one of `Loader.efi` or `Loader.config.efi` to `bootx64.efi`. The two are identical, except `Loader.efi` boots without user interaction whereas `Loader.config.efi` will prompt you to configure the DSE patch method used by the driver (if you want to change this). 2. Place the files on a boot drive such as a USB stick (for physical machines) or an ISO/virtual disk (for VMs). The paths should be `/EFI/Boot/{bootx64|EfiGuardDxe}.efi`. It is recommended to use FAT32 formatted USB sticks. @@ -42,7 +41,7 @@ There are two ways to use EfiGuard: booting the loader (easiest), or using the U # Compilation ## Compiling EfiGuardDxe and the loader -EfiGuard requires EDK2 to build. If you don't have EDK2 installed, follow the steps in [Getting Started with EDK2](https://github.com/tianocore/tianocore.github.io/wiki/Getting-Started-with-EDK-II) first as the EDK2 build system is fairly complex to set up. This section assumes you have a `workspace` directory that your `WORKSPACE` environment variable points to, with a copy of EDK2 checked out in `workspace/edk2`. Supported compilers are MSVC, Clang, GCC and ICL. +EfiGuard requires EDK2 to build. If you don't have EDK2 installed, follow the steps in [Getting Started with EDK2](https://github.com/tianocore/tianocore.github.io/wiki/Getting-Started-with-EDK-II) first as the EDK2 build system is fairly complex to set up. This section assumes you have a `workspace` directory that your `WORKSPACE` environment variable points to, with a copy of EDK2 checked out in `workspace/edk2`. Supported compilers are MSVC, Clang, GCC and ICC. 1. Clone the EfiGuard repository into `workspace/edk2/EfiGuardPkg`. 2. Open a prompt or shell that sets up the environment variables for EDK2. 3. Run `build -a X64 -t VS2017 -p EfiGuardPkg/EfiGuardPkg.dsc -b RELEASE`, substituting your toolchain for VS2017. 
@@ -72,7 +71,7 @@ Some of the benefits provided by a bootkit approach include: The initial incarnation of EfiGuard as a bootkit was an attempt to get dude719's [UEFI-Bootkit](https://github.com/ajkhoury/UEFI-Bootkit) to work with recent versions of Windows 10, because it had become dated and no longer works on the latest versions (like UPGDSED, often caused by version-sensitive pattern scans). While I did eventually get this to work, I was unsatisfied with the result mostly due to the choice of hooking `OslArchTransferToKernel`, which as noted above executes in protected mode and after `ExitBootServices` has been called. Apart from this, I was not satisfied with only being able to patch some versions of Windows 10; I wanted the bootkit to work on every EFI-compatible version of Windows x64 released to date. Because of this, I rewrote the bootkit from scratch with the following aims: - To provide patch information at every stage of boot including the kernel patch itself. -- To increase the number of supported EFI-compatible Windows versions to "all" (at the time of writing). +- To support all EFI-compatible versions of Windows versions (at the time of writing). - To enable lazy instantiation of the bootkit and optionally a kernel backdoor, achieved by EFI System Table hooks. A big picture overview of the final EfiGuard boot flow is shown in the diagram above. For the individual component-specific hooks and patches, see `EfiGuardDxe/PatchXxx.c` in the source files. For driver initialization/unloading and the EFI Boot and Runtime Services hooks, see [EfiGuardDxe.c](EfiGuardDxe/EfiGuardDxe.c). |
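Review bot: the commit message ("Update README.md") does not mention the Loader.c hunk, and the only code line that hunk touches is a commented-out call (`//BmSetMemoryTypeInformationVariable(...)`) whose `BootOption->Attributes` is renamed to `BootOptions[Index].Attributes`. Keeping dead code in sync with the live variable name is busywork; suggest deleting the commented-out call and leaving only the "DO NOT call this" comment, and either naming the Loader.c edit in the commit message or splitting it into its own commit. The `-`/`+` pair for the "Instead of creating a ramdisk" comment renders identically, so that change is whitespace- or encoding-only and should be stated as such.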
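Review bot: the reworded Features bullet in the `@@ -3,7` hunk says "the Windows EFI partition" while the How to use paragraph added in the `@@ -22,10` hunk of this same patch calls it "the EFI system partition"; pick one term (EFI system partition is the standard name) so both mentions read consistently.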
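Review bot: the `@@ -22,10` hunk deletes the limitation that the loader is not directly bootable on some PCs (e.g. Dell XPS) with the UEFI shell as a fallback, but nothing else in the patch changes loader behaviour (the Loader.c hunk edits only comments), so either the limitation was fixed in an earlier commit, which the commit message should say, or it still applies and the bullet should stay. The new How to use paragraph also defers the EFI-partition install steps to a comment on issue #2; an issue comment can be edited or removed, so consider copying those steps into the README (or a docs file) and keeping the link only as a pointer.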
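Review bot: in the `@@ -72,7` hunk the new bullet reads "To support all EFI-compatible versions of Windows versions", which repeats "versions"; suggest "To support all EFI-compatible versions of Windows x64 (at the time of writing)", matching the wording of the Features section.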