New UEFI vulnerability bypasses Secure Boot — bootkits stay undetected even after OS re-install

I can only joke, with some irony (and even malice), that antivirus companies will have to develop exploits in the OS and UEFI to defeat the enemy. First of all, to independently penetrate ring -2 when they do not have enough privileges, as usually happens with malicious viruses and exploits that try to get from ring 3 to 2, 1, 0, -1, -2... -3 is inaccessible to anyone (except US intelligence agencies) - this is the level of undocumented malware called Intel ME/AMD PSP...
 
The more complications they add, the more vulnerabilities they open up.

It's not a complexity error, it's a major conceptual flaw: they made UEFI and they provided a tool to help update it, but they added the security checks in the update tool instead of in UEFI. The update tool is not required; it uses UEFI functions, and any developers wanting to streamline the process can do it in their own application without calling the update tool. That's the list of applications provided.
 
So much for the much-praised UEFI being so secure. A bit like needing TPM2 to be secure: just another sales pitch from Intel, Microsoft and the mega corps ripping off consumers to force purchases.
 
Bah! Back in the day, a BIOS chip was 8kB. Nowadays they can be 32MB--and Windows 3.11 only required 10MB of disk space free to install. Pretty soon there'll be enough space to install NT in there.

I guess it has to be that big now to hold the firmware for the Intel Management Engine or AMD Platform Security Processor, both being a separate computer within your computer that runs all of the time (even when the main computer is asleep) and has access to memory and network which can bypass any OS firewall to phone home. What could go wrong?