As viruses that affect the bios and run outside the OS are becoming more commmon, I am thinking it may be wise to use hardware that features bios flash protection. This feature can ensure against being infected by one of these nasty viruses, and imo bios protection should be standard, not the exception. Can anyone a common desktop computer and/or motherboard that might have this type of bios protection featured? I know they are relatively hard to find these days.
Also, I would like to know how these bios viruses work as far as installing them remotely. I know they need to generally flash the bios to install. But from a remote compromise standpoint, does the attacker need to first be able to run code in the OS to reach the bios, or can the the bios be accessed in some way outside of having to go through the OS? Basically I am wondering if having a hardened OS is any defense at all against bios exploits over the network.
September 4, 2012 4:33 AM