Monday, 5 January 2015

CERT / CC Warns BIOS Flaw in Intel Chipsets

The CERT Coordination Center (CERT / CC) at Carnegie Mellon University has warned of a vulnerability in the Intel chipsets making it possible to adjust the BIOS to circumvent Secure Boot and damage the firmware of the motherboard so that the system will not work anymore. In addition, there is also warned of a vulnerability in various UEFI systems. Both vulnerabilities were demonstrated during the recent CCC conference in Hamburg.

The first issue ( pdf ) is located in the Intel chipsets that use a particular way to the BIOS (Basic Input / Output System and the first major software running when you start the computer) to protect against writing. The vulnerability is possible to bypass this protection and yet to make adjustments. A local attacker with access to the system can then write malicious code to the firmware of the computer.

It is also possible if a certain variable is set, which is the case in many implementations, in order to circumvent the security measure Secure Boot. Secure Boot is a feature that only with a valid digital signature software loads on startup. Finally, an attacker could also damage the computer's firmware, so that will not boot.

The problem is at least in American Megatrends Incorporated (AMI) and Phoenix Technologies. These are manufacturers whose BIOS / UEFI software is used by a large number of computers. Or manufacturers such as Asus, Dell, HP, Intel, Sony and Toshiba are vulnerable is unknown. The CERT / CC currently has no concrete solution for owners of an affected system.

Unified Extensible Firmware Interface (UEFI)

In addition to the above problem, researchers found Corey Kallenberg and Rafal Wojtczuk a vulnerability ( pdf ) in UEFI firmware of many computers. UEFI is a new model for the interface between the computer's operating system and firmware of the platform. It is used in almost all modern computers. A vulnerability in the UEFI firmware allows a local attacker to access the "boot script" can get to then bypass the write protection.

After this it is possible to bypass Secure Boot or modify the firmware of the computer, even if that just signed firmware to accept. Like the problem with the Intel chipsets may now be corrupted firmware so that the computer will not start. This problem is at least in AMI, Intel and Phoenix Technologies. Again given no concrete action perspective and highlights the CERT / CC for information from the respective vendors.

No comments:

Post a Comment