The Boot Sector has always been an area that scares me because it affords such "power" to the adversary if it gets successfully used. Even on my Linux systems I have /boot placed on a USB and remove the boot flash before ever going online. Then I run a checksum of the MBR to make sure nothing has been changed. Only then do I head out on the highway to my workspace.
Maybe these days the CIA finds it more difficult to get their special software through Kaspersky as opposed to other security applications , perhaps this is why a ban is implemented.