A US governmental organization in charge of standardizing scientific measurements and technologies has proposed new security guidelines for the BIOS mechanisms that most computers rely on to boot up.
The new guidelines are intended to make the Basic Input/Output System more resistant to malware attacks that target the system firmware. Over the past few years, at least two trojans, one called Mebromi and another proof-of-concept demonstration, have been able to survive reboots operating-system reinstalls and evade antivirus protection by burrowing deep inside an infected computer.
"Unauthorized modification of a BIOS firmware by malicious software constitutes a significant threat because of the BIOS's unique and privileged position within the PC architecture," the new set of guidelines, which were published earlier this week by the National Institute of Standards and Technology, stated. "Malicious BIOS modification could be part of a sophisticated, targeted attack on an organization—either a permanent denial of service or a persistent malware presence."
Source: ars technica
Source: ars technica