Printed from http://www.electronista.com

NIST seeks comments on PC BIOS protection draft report

updated 06:20 pm EDT, Mon August 27, 2012

BIOS or UEFI attacks could render a system completely unusable

The US National Institute of Standards and Technology (NIST) has released a report offering advice to PC manufacturers on how they can assist the public good by protecting the BIOS used on servers. The report is a draft, and comments can be left with the agency until September 14, 2012. The report follows a similar report urging improvements in laptop and desktop workstations from 2011, in the wake of the Mebromi BIOS-altering malware.

The report cites the "unique and privileged position" of the BIOS as the motivation behind the revised guidelines. Of particular concern, the a BIOS attack "could be part of a sophisticated, targeted attack on an organization--either a permanent denial of service or a persistent malware presence" according to the report.

A migration underway from BIOS implementation to the Unified Extensible Firmware Interface (UEFI) may make it easier for widespread attacks, as the UEFI is based on a universal specification. In order to qualify for the "Designed for Windows 8" program, computers must use UEFI with secure boot enabled. Apple has used UEFI in 32-bit mode until the 64-bit implementation in OS X 10.8 Mountain Lion, making a cross-operating system attack possible without separate executable branches of code like found in the recent Crisis malware.

To combat the increasing ease of BIOS attacks, NIST recommends that manufactures cryptographically sign their BIOS updates, and starting to think of the BIOS as "the foundation for a secure system," according to report co-author Andrew Regenscheid.

Only a handful of pre-UEFI BIOS-altering malware exist, due to the variety of environments possible. Windows-specific CIH and Chernobyl may be the first examples from the late '90s. The Mebroni malware from 2011 was very specific, only infecting Award-manufactured BIOS ROM and failing to properly execute with other manufacturers' chipsets.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

IDrive cloud backup and sync service

There are a lot of cloud services out there, and nearly all of them can be used for backing up key files and folders. A few dedicated ...

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Sponsor

toggle

Most Commented

 
toggle

Popular News