Security professionals find severe vulnerability in BIOS and UEFI
[quote]
A report from Carnegie Mellon University describes a serious vulnerability regarding BIOS/UEFI. Some implementations fail to activate write-protection when the system wakes up from standby mode.
This can in turn be used by an attacker to plant malicious code within the BIOS.
"An attacker is free to reflash the BIOS with an arbitrary image simply by forcing the system to go to sleep and wake again. This bypasses the enforcement of signed updates or any other vendor mechanisms for protecting the BIOS from an arbitrary reflash."
The security researchers confirm that the vulnerability can be found within computers from Apple and Dell. Since this information was published, they have both pushed out updates to fix the issue.
They're probably not the only ones affected, though. Intel, HP, Lenovo, Sony, Toshiba, ASUS, as well as the BIOS developers Phoenix and American Megatrends all need to investigate whether or not their systems are safe.
[/quote]
Source: [URL]http://www.sweclockers.com/nyhet/20880-sakerhetsforskare-upptacker-allvarlig-sarbarhet-i-bios-och-uefi[/URL]
[QUOTE]The security researchers confirm that the vulnerability can be found within computers from Apple and Dell. Since this information was published, they have both pushed out updates to fix the issue.[/QUOTE]
I'm pretty sure BIOS updates require flashing... I don't think people just flash their BIOS from time to time just for the hell of it, nor can manufacturers do it remotely through software updates. This is probably going to be a problem for a while.
[b]EDIT:[/b] Okay I get that Apple can do it, but Windows Update (to my knowledge) does not push BIOS updates so it would have to be a specific utility developed by Dell, which most people probably wiped some time or another.
[QUOTE=Snowmew;48346902]nor can manufacturers do it remotely through software updates.[/QUOTE]
Of course they can, and they already have. My work MacBook got an EFI update like 3 weeks ago.
This isn't the first BIOS/UEFI exploit that I've heard of. Fortunately though, they usually need physical access to plant the malicious code.
[QUOTE=RautaPalli;48346938]Of course they can, and they already have. My work MacBook got an EFI update like 3 weeks ago.[/QUOTE]
I've never seen Windows Update offering BIOS updates though. I don't think it can touch anything below the kernel.
What I'd like to know is how this wasn't discovered sooner. If all it takes is sleep, wake, and then attempt to flash an unsigned chunk of code, surely that'd be something they'd test for?
[QUOTE=Snowmew;48346902]I'm pretty sure BIOS updates require flashing... I don't think people just flash their BIOS from time to time just for the hell of it, nor can manufacturers do it remotely through software updates. This is probably going to be a problem for a while.[/QUOTE]
Do you know how much software they make for their package computers? They have a ton of bloatware, but also probably something useful like a BIOS updater. And flashing can be done from desktop.
[QUOTE=Snowmew;48346902]I'm pretty sure BIOS updates require flashing... I don't think people just flash their BIOS from time to time just for the hell of it, nor can manufacturers do it remotely through software updates. This is probably going to be a problem for a while.[/QUOTE]
Apple push BIOS / EFI updates through the Software Update platform all the time. I haven't seen one addressing this vulnerability yet (although it says they have), but I've actually seen features added to a MacBook via such an update (such as charging while the laptop is off, which was previously disabled, or a weird push email sleep mode).
[QUOTE=fauxpark;48347004]I've never seen Windows Update offering BIOS updates though. I don't think it can touch anything below the kernel.
What I'd like to know is how this wasn't discovered sooner. If all it takes is sleep, wake, and then attempt to flash an unsigned chunk of code, surely that'd be something they'd test for?[/QUOTE]
Depends upon the device, it's possible. The Surface and Surface Pro get UEFI updates through Windows Update.
[QUOTE=~Kiwi~v2;48347049]Gigabyte can flash their boards from Windows. Pretty sure you can do it too via Linux as well.[/QUOTE]
Most non-OEM boards from major manufacturers are capable of doing this. My 6 year old ASUS board can if I remember.
[QUOTE=Snowmew;48346902]I'm pretty sure BIOS updates require flashing... I don't think people just flash their BIOS from time to time just for the hell of it, nor can manufacturers do it remotely through software updates. This is probably going to be a problem for a while.
[b]EDIT:[/b] Okay I get that Apple can do it, but Windows Update (to my knowledge) does not push BIOS updates so it would have to be a specific utility developed by Dell, which most people probably wiped some time or another.[/QUOTE]
I believe that Microsoft also provides UEFI updates for the Surface Pro series through Windows Update.