Items tagged with UEFI
When someone thinks of malware, the usual thought is an EXE file containing offending code that is downloaded to a target machine and executed by the user. However, a team at SecureList is trying to make people aware that an incredibly persistent malware framework can exist within a PC's UEFI firmware. The team, consisting of Mark Lechtik, Igor Kuznetsov, and Yury Parshin, found that a malware framework in the UEFI was used “in a series of targeted attacks pointed towards diplomats and members of an NGO from Africa, Asia, and Europe, all showing ties in their activity to North Korea.” UEFI attacks are not necessarily new, but they are not often seen in the wild. As the SecureList...
Read more...
Intel is getting ready to kick legacy BIOS support to the curb, with future platforms taking full advantage of the UEFI Class 3, the most recent version of UEFI. That is already the case for many Intel systems already shipping. By 2020, Intel wants to move on completely, removing BIOS support from UEFI. That means all of its client and datacenter platforms will no longer have a legacy BIOS mode. Image Source: Flickr (Paul Schultz) BIOS, or Basic Input/Output System, is the firmware that initializes hardware when booting up a system. It worked fine for a time, but by around the mid 1990s, its limitations starting catching up to newer systems, in particular larger server platforms that Intel was...
Read more...
Someone at Microsoft is having one of those Southwest moments where the airlines asks, "Want to get away?" That's because someone at the Redmond outfit leaked a security key that could allow attackers to bypass the protections in Windows devices that are put in place through Secure Boot. Worse yet, now that the genie's out of the bottle, there's no putting it back in. Security researchers MY123 and Slipstream discovered the so-called golden key that they say allows someone with admin rights or with physical access to a system to bypass Secure Boot to install and run their operating system of choice, be it Linux or whatever. But beyond that, someone with malicious intentions could plant bootkits...
Read more...
Lenovo is finding itself embroiled in yet another security scandal, and this time it revolves around the BIOS used in many of its PC systems. According to security researcher Dmytro Oleksiuk (aka Cr4sh), the vulnerability lies in the SystemSmmRuntimeRt UEFI driver component of Lenovo’s firmware. Oleksiuk claims that the exploit is present in every ThinkPad machine dating back as far as the X220 and as recently as the T450s. The vulnerability can allow a malicious party to run System Management Mode code on a machine, granting the ability to not only disable flash write protection, but also Secure Boot. It’s also possible to bypass the Virtual Secure Mode (VSM) that is used by Windows 10...
Read more...
Gigabyte had us out to their L.A. offices to show off their latest line of motherboards packing the Intel Z87 chipset, and as usual, the company has a whole lot of SKUs coming down the pike. Clearly, the most work went into Gigabyte’s OC and gaming lines, but there are plenty of welcome surprises and new features in this launch. Extreme OC Series Of all the new motherboards it has brewing, Gigabyte seems to be particularly excited about the Extreme OC series, and it’s not hard to see why. The orange-and-black color scheme takes a backseat to everything the company packed onto the PCB for overclockers on the flagship OC board, the Z87X-OC Force, and the Z87X-OC. First off, there’s...
Read more...
Can something that's just taken a couple of months to arrive still be considered "long-awaited"? If so, the official Linux UEFI pre-bootloader fits the bill, as it's something that's been needed ever since the introduction of the Microsoft-pushed Secure Boot mechanism on UEFI-equipped PCs. We've talked about this pre-bootloader a couple of times in the past. Its goal is simple: to allow Linux OSes to boot up on systems that have Secure Boot enabled. The work-around hasn't been so simple, but it's happened. As discussed last week, this pre-bootloader was recently re-written in order to support every bootloader that could exist, including GRUB and Gummiboot - the latter of which respects Secure...
Read more...
When the Linux Foundation announced that it was creating its own UEFI boot solution, it seemed that our woes about not being able to install Linux on Secure Boot systems would soon be coming to an end. While the "pre-bootloader" is still not production-ready, it's been readily worked on, and recently experienced some significant changes. One of the most important goals of this pre-bootloader is that it'd be able to operate with any primary bootloader just fine, such as GRUB. However, due to design choices, the Gummiboot bootloader was simply incompatible. This is a bootloader that's specifically designed to be as lightweight as possible while still being able to take advantage of all that UEFI...
Read more...
Linux users have long had the right to be concerned about UEFI's "SecureBoot" feature, and this is a perfect justification for it. It seems that on select Samsung notebook models, merely booting into Linux via UEFI can brick it. We're not just talking about something that an OS re-install could fix, either - it literally seems to corrupt the UEFI, requiring the entire mainboard to be replaced. Wow. What makes this problem even more striking is that it's not new. One Ubuntu user last year bricked their Samsung 530U3C when trying to install the OS. Since then, more models have crept up as being problematic. While it'd be easy to pin Samsung as an enemy here, this certainly wasn't something the...
Read more...
When word hit the wire last fall that Microsoft's Windows 8 certification could prevent Linux from being installed to a PC, it caused ripples throughout the open-source community. While it's clear that Microsoft would love for its competition to cease to exist, this marked the first time in history where the company actually held the power to prevent its competition from appearing on the computers it certifies - a scary thought. The reason this could happen owes thanks to Microsoft's use of a "Secure Boot" protocol within the UEFI (the BIOS successor). In order for Windows 8 or any other Secure Boot-enabled OS to load up, an authentication key must be presented at boot time in order for the OS...
Read more...
It's been a few years since Microsoft really shot itself in the foot by making itself look really unfriendly, and someone at the company must've been missing the pain. A careful read of the company's "Windows 8 Hardware Certification Requirements" document has revealed draconian policies that require vendors to block the installation of other operating systems on ARM devices. First, a bit of history. Earlier this fall, Microsoft briefly made waves when it announced that Windows 8 would require that UEFI (the successor to BIOS) Secure Boot be enabled on all systems that ship with Windows 8 installed. Secure Boot uses vendor-provided signed keys to ensure that the OS in question has been properly...
Read more...
