Dark Reading: BIOS Bummer: New Malware Can Bypass BIOS Security

/Home/Internet Security: Articles/Internet Security: Dark Reading/Dark Reading: Vulnerabilities & Threats

Researchers expect to release proofs-of-concept at Black Hat that show how malware can infect BIOS, persist past updates, and fool the TPM into thinking everything's fine

By Ericka Chickowski
May 23, 2013

As more hardware vendors seek to implement the new NIST 800-155 specification that was designed to make the start-up BIOS firmware on our PCs and laptops more secure, they may need to rethink the security assumptions upon which the standard depends. A trio of researchers from The MITRE Corp. say that the current approach relies too heavily on access control mechanisms that can easily be bypassed.

Click the URL above to read the full article