Printed from http://www.electronista.com

NIST seeks comments on PC BIOS protection draft report

updated 06:20 pm EDT, Mon August 27, 2012

BIOS or UEFI attacks could render a system completely unusable

The US National Institute of Standards and Technology (NIST) has released a report offering advice to PC manufacturers on how they can assist the public good by protecting the BIOS used on servers. The report is a draft, and comments can be left with the agency until September 14, 2012. The report follows a similar report urging improvements in laptop and desktop workstations from 2011, in the wake of the Mebromi BIOS-altering malware.

The report cites the "unique and privileged position" of the BIOS as the motivation behind the revised guidelines. Of particular concern, the a BIOS attack "could be part of a sophisticated, targeted attack on an organization--either a permanent denial of service or a persistent malware presence" according to the report.

A migration underway from BIOS implementation to the Unified Extensible Firmware Interface (UEFI) may make it easier for widespread attacks, as the UEFI is based on a universal specification. In order to qualify for the "Designed for Windows 8" program, computers must use UEFI with secure boot enabled. Apple has used UEFI in 32-bit mode until the 64-bit implementation in OS X 10.8 Mountain Lion, making a cross-operating system attack possible without separate executable branches of code like found in the recent Crisis malware.

To combat the increasing ease of BIOS attacks, NIST recommends that manufactures cryptographically sign their BIOS updates, and starting to think of the BIOS as "the foundation for a secure system," according to report co-author Andrew Regenscheid.

Only a handful of pre-UEFI BIOS-altering malware exist, due to the variety of environments possible. Windows-specific CIH and Chernobyl may be the first examples from the late '90s. The Mebroni malware from 2011 was very specific, only infecting Award-manufactured BIOS ROM and failing to properly execute with other manufacturers' chipsets.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News