@evacide Oh they need to get physical access to the device and input passwords?
Or, and stay with me on this journey, microsoft is not a godlike being that never rolls out code with bugs. And any, ANY exploit here is going to be such a ridiculously awful fail state.