Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Be Quiet! Pure Power 12 M - 850W ATX 3.0 PSU review
Corsair H170i Elite Capellix XT review
Forspoken: PC performance graphics benchmarks
ASRock Z790 Taichi review
The Callisto Protocol: PC graphics benchmarks
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review

New Downloads
FurMark Download v1.33.0.0
Intel ARC graphics Driver Download Version: 31.0.101.4091
Corsair Utility Engine Download (iCUE) Download v4.33.138
CPU-Z download v2.04
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download


New Forum Topics
GeForce RTX 4070 is scheduled for release in April AMD Software: Adrenalin Edition 23.1.2 for AMD Radeon™ RX 7900 Series Corsair Brings iCUE lighting control to ASUS motherboards Microsoft Now Is Proactively Informing Windows 10 users to update to Windows 11 RTX 4090 Owner's thread Asus PBO Enhancement 3DFX Voodoo 5 6000 Rev 3700A 128MB prototype Bids Reach $13,200 Nvidia shows signs ... Sony Bravia fix will be included in the driver after next. EnGenius releases Outdoor Point-to-Point Client Bridge with Wi-Fi 6




Guru3D.com » News » LightEater malware attacks uEFI BIOSes

LightEater malware attacks uEFI BIOSes

by Hilbert Hagedoorn on: 03/21/2015 01:36 PM | source: | 55 comment(s)
LightEater malware attacks uEFI BIOSes

I've been wondering about UEFI BIOSes myself for a while now, sure they look and work great, but an uEFI BIOS is an OS on its own, and as such rather vulnerable. At the security conference CanSecWest, security researchers Corey Kallenberg and Xeno Kovah revealed that even an unskilled person could use an implant called LightEater to infect a vulnerable system in mere moments.

An unpatched BIOS can easily be infected with malware or a virus. Motherboards from companies like Gigabyte, Acer, MSI, HP and Asus are at risk, especially if you are not updating your BIOS on a regular basis towards the latest revision (and let's be frank here, who does ?). 

As betanews writes the following on the topic, Introducing the vulnerability, Kallenberg and Kovah said:

So you think you're doing OPSEC right, right? You're going to crazy lengths to protect yourself, reinstalling your main OS every month, or using a privacy-conscious live DVD like TAILS. Guess what? BIOS malware doesn't care! BIOS malware doesn't give a shit!

The malware can be used to infect huge numbers of systems by creating SMM (System Management Mode) implants which can be tailored to individual BIOSes with simple pattern matching. A BIOS from Gigabyte was found to be particularly insecure.

We didn't even have to do anything special; we just had a kernel driver write an invalid instruction to the first instruction the CPU reads off the flash chip, and bam, it was out for the count, and never was able to boot again.

The vunerability is something that has already been exploited by the NSA, but the researchers are encouraging businesses and governments to take the time to install BIOS patches that plug the security hole.

 







« Download SSD-Z v15.03.15b · LightEater malware attacks uEFI BIOSes · Gigabyte Launches 990XA-UD3 R5 Socket AM3+ Motherboard »

11 pages 1 2 3 4 > »


Extraordinary
Senior Member



Posts: 19558
Joined: 2010-04-21

#5033758 Posted on: 03/21/2015 01:43 PM


Talking to The Register, Kopvah explained that the problem is made worse because of the fact that very few people take the trouble to update their BIOS. This is something the pair are hoping to change by highlighting the ease with which an unpatched BIOS can be infected with malware."



Oh, I keep my BIOS updated, when the manufacture actually releases updates (Yea ASUS, 3 years ago was my last update, thanks)

moab600
Senior Member



Posts: 6567
Joined: 2004-09-30

#5033766 Posted on: 03/21/2015 02:00 PM
If there is anything i can say about Asus bios updates for mobo, is that they are frequent and good, job well done.

Unlike support for xonar series... if that pose a threat i hope they release counter bios fast.

BarryB
Senior Member



Posts: 1163
Joined: 2007-07-11

#5033769 Posted on: 03/21/2015 02:03 PM
My latest BIOS I flashed last September! So, do we need another BIOS update to patch this exploit or will it just be left as they think no one will actually use it?

Extraordinary
Senior Member



Posts: 19558
Joined: 2010-04-21

#5033772 Posted on: 03/21/2015 02:07 PM
If there is anything i can say about Asus bios updates for mobo, is that they are frequent and good, job well done.



This review of my ASUS CHvF board is in August 2011
http://www.guru3d.com/articles-pages/asus-crosshair-v-formula-review,1.html

The last BIOS update for the CHvF was October 2012

Glasofruix
Member



Posts: 98
Joined: 2012-06-25

#5033774 Posted on: 03/21/2015 02:12 PM
updating your BIOS on a regular basis


I just follow the general rule of "if it ain't broken, don't fcking touch it", since you know, updating a bios is not without risks.

11 pages 1 2 3 4 > »


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023