Researchers unveil persistent BIOS attack methods
Mar 23, 2009, 19:32 (5 Talkback[s])
(Other stories by Dennis Fisher)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
"Apply all of the browser, application and OS patches you want,
your machine still can be completely and silently compromised at
the lowest level--without the use of any vulnerability.
"That was the rather sobering message delivered by a pair of
security researchers from Core Security Technologies in a talk at
the CanSecWest conference on methods for infecting the BIOS with
persistent code that will survive reboots and reflashing attempts.
Anibal Sacco and Alfredo Ortega (above) demonstrated a method for
patching the BIOS with a small bit of code that gave them conplete
control of the machine."