I don't understand
If this "root of trust" thingie is something they add as an upgrade... how do they make it forever not-rewriteable so that the same hacker can't just change the key to make the malware check out, or simply remove the checking altogether, since as described, this "root of trust" seems to be firmware/key in writeable - and updateable - memory?
If you're root, there's not much that's impossible if the storage can be written... maybe their fix only broke one existing vector, seems more likely to me.
Security is HARD.