LightEater malware attacks uEFI BIOSes

by Hilbert Hagedoorn on: 03/21/2015 01:36 PM | 55 comment(s)

I've been wondering about UEFI BIOSes myself for a while now. Sure, they look and work great, but a UEFI BIOS is an OS on its own, and as such rather vulnerable. At the security conference CanSecWest, security researchers Corey Kallenberg and Xeno Kovah revealed that even an unskilled person could use an implant called LightEater to infect a vulnerable system in mere moments.

An unpatched BIOS can easily be infected with malware or a virus. Motherboards from companies like Gigabyte, Acer, MSI, HP and Asus are at risk, especially if you are not regularly updating your BIOS to the latest revision (and let's be frank here, who does?).

Betanews writes the following on the topic. Introducing the vulnerability, Kallenberg and Kovah said:

So you think you're doing OPSEC right, right? You're going to crazy lengths to protect yourself, reinstalling your main OS every month, or using a privacy-conscious live DVD like TAILS. Guess what? BIOS malware doesn't care! BIOS malware doesn't give a shit!

The malware can be used to infect huge numbers of systems by creating SMM (System Management Mode) implants which can be tailored to individual BIOSes with simple pattern matching. A BIOS from Gigabyte was found to be particularly insecure.

We didn't even have to do anything special; we just had a kernel driver write an invalid instruction to the first instruction the CPU reads off the flash chip, and bam, it was out for the count, and never was able to boot again.

The vulnerability is something that has already been exploited by the NSA, but the researchers are encouraging businesses and governments to take the time to install BIOS patches that plug the security hole.

 









Mineria
Senior Member



Posts: 5535
Joined: 2007-05-05

#5035413 Posted on: 03/23/2015 07:51 PM
Exactly...

Which means I'm safe. Got one of the last pre UEFI gen Gigabyte Motherboards.

What makes you think that your BIOS is safe?
Old legacy BIOS could be hacked and broken from within Windows for ages, it has never been safe.

Aura89
Senior Member



Posts: 8394
Joined: 2008-07-31

#5035548 Posted on: 03/23/2015 11:40 PM
I just follow the general rule of "if it ain't broken, don't fcking touch it", since you know, updating a bios is not without risks.


only problem with this rule is that, "if it's not fixed, it could break"

Brewskie
Junior Member



Posts: 16
Joined: 2001-06-15

#5035577 Posted on: 03/24/2015 12:37 AM
Well

I would like to keep updating my mainboard firmware

But Asus sees to it that I can't

My P8P67 Deluxe hasn't been updated for years :(

CalculuS
Senior Member



Posts: 3239
Joined: 2014-07-28

#5035584 Posted on: 03/24/2015 12:50 AM
Well

I would like to keep updating my mainboard firmware

But Asus sees to it that I can't

My P8P67 Deluxe hasn't been updated for years :(

Same here, last bios update is 3 years ago.

sykozis
Senior Member



Posts: 22421
Joined: 2008-07-14

#5035608 Posted on: 03/24/2015 01:46 AM
Well that's it...


Fwiw here is the source material.

This became a non issue after the first sentence.

I mean a person with physical access and knowledge can pretty much do anything they want. Hence why we have secure rooms with keycards and door guards.

Aren't these guys the same ones who made a song and dance over USB emulation hacking a while ago? (btw don't you just love the title?) :D

I don't worry about any "vulnerability" or "exploit" that requires direct, physical access to my PC. If the "attacker" needs direct, physical access to my PC....then no "vulnerability" or "exploit" really exists.
