DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
October 19, 2019 
Main Menu
News archives

Who's Online
There are currently 62 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

BIOS security becoming a major issue as millions are at risk of infection

Posted on Monday, March 23 2015 @ 14:00:19 CET by

Over at last week's CanSecWest security conference, Corey Kallenberg and Xeno Kovah demonstrated how surprisingly easy it is to infect the BIOS of millions of vulnerable computers. Little attention is given to BIOS security, there's a lot of code reuse across UEFI BIOSes and the researchers claim almost every BIOS in the wild is affected by at least one vulnerability that can be exploited.

Using a tool named LightEater, even an unskilled person can infect a PC in a mere two minutes if he has physical access to it. Attacks over the internet are possible as well, but will require more sophistication as attackers will first need to gain access to your system via another vulnerability.

Security experts Kallenberg and Kovah explained some BIOSes are woefully insecure and do nothing to prevent attacks. Even if hardware makers fix the issues, the big problem is that almost no one pays attention to the BIOS. The duo pointed out that using a security-focused OS like Tails that promises to leave no trace on your computer doesn't help if your BIOS is infected. And these infections can linger for a long time because they're hard to detect and don't go away after a format.

At this point there's no evidence cyber criminals are using this technique on a large scale but leaked documents from Edward Snowden illustrate the NSA has been exploiting this vector for a while.
Kopvah says misconfigured BIOS access controls present more of a threat than vulnerabilities such as exploitable buffer overflows.

Those flaws are homogeneous. Using tiny signatures built from 10 machines the pair found the code hooks attackers need to build reliable SMM implants across thousands of BIOS images.

"This shows empirically that attackers wouldn't have to reverse engineer each BIOS model or revision. Simple pattern matching can make it so that tools can just assemble BIOS implants for any model on demand," Kopvah says, adding he expects that attackers already know this.
Full details at The Register.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba