Researchers unveil persistent BIOS attack methods

Mar 23, 2009, 19:32 (5 Talkback[s])
(Other stories by Dennis Fisher)

"Apply all of the browser, application and OS patches you want, your machine still can be completely and silently compromised at the lowest level--without the use of any vulnerability.

"That was the rather sobering message delivered by a pair of security researchers from Core Security Technologies in a talk at the CanSecWest conference on methods for infecting the BIOS with persistent code that will survive reboots and reflashing attempts. Anibal Sacco and Alfredo Ortega (above) demonstrated a method for patching the BIOS with a small bit of code that gave them conplete control of the machine."

Complete Story

Related Stories:

• Tips To Protect Linux Servers Physical Console Access(Mar 20, 2009)
• SearchSecurity: How to Break Into a Computer That is Right at Your Fingertips(Oct 06, 2005)
• O'Reilly Network: The Next 50 Years of Computer Security: An Interview with Alan Cox(Sep 14, 2005)