Security Flaws In 'Unpatched BIOSes' Puts Millions Of Computers At Risk

Security Flaws In 'Unpatched BIOSes' Puts Millions Of Computers At Risk
Security researchers Corey Kallenberg and Xeno Kovah has revealed that the security flaws in millions of unpatched BIOSes could be exploited by using a malware called LightEater to take over the vulnerable systems.

The researchers presented a paper titled "How many million BIOSes would you like to infect?" at security conference CanSecWest and revealed that even an unskilled person (Noob) could use the LightEater malware to infect a vulnerable system in mere moments.

LightEater attack could be used to render a computer unusable or to to steal passwords and intercept encrypted data. It affects motherboards from popular companies including Acer, Asus, Gigabyte, HP and MSI.

Kopvah and Kallenberg said, "So you think you're doing OPSEC right, right? You're going to crazy lengths to protect yourself, reinstalling your main OS every month, or using a privacy-conscious live DVD like TAILS. Guess what? BIOS malware doesn't care! BIOS malware doesn't give a shit!"

"We didn't even have to do anything special; we just had a kernel driver write an invalid instruction to the first instruction the CPU reads off the flash chip, and bam, it was out for the count, and never was able to boot again."

"Almost no one patches their BIOSes, almost every BIOS in the wild is affected by at least one vulnerability, and can be infected," Kopvah says.

The LightEater can be used to infect a large number of systems by creating System Management Mode implants which can be tailored to individual BIOSes with simple pattern matching.

Researchers urges businesses and governments to install BIOS patches to avoid future attacks. 

No comments

Powered by Blogger.