BIOS Plot Update

Back in March 2014, I wrote an blog  about the risks of BIOS Malware and provided some history of attacks that had been seen.  Now, 9 months later, vert has announced 3 sepeartte vulnerabilities in BIOS code that affects multiple vendors.These flaws could allow an attacker with [physical access to a machine to bypass security and replace the BIOS firmware.

Cert advisories regarding BIOS vulnerabilities: - Vulnerability Note VU#976132
- Vulnerability Note VU#766164
- Vulnerability Note VU#533140





I have NOT tested any of the updates/tools listed below - just providing what information I could find

These are the vendors that are known to be affected at this time.  However, it’s not known whether other large vendors may be vulnerable


American Megatrends Incorporated - no information on their website about a fix
 - try using the Firmware Update Tool

Phoenix Technologies - no information on their website about a fix
 - BIOSAgentPlus may work

Intel site has link to an update, plus additional details regarding the vulnerability

Insyde Software Corporation - no information on their website about a fix. Vendor states that issue was fixed in releases from week 49 of 2012.

Additional Reading (in your spare time of course!)

• My KPMG Forensic Focus Article: Corruption at the Computer’s Core: Reducing the Risk of BIOS-attacking Malware
•  PC World Article on the vulnerabilities:Firmware flaws could allow a malicious reflash, US CERT warns