Defeating Signed BIOS Enforcement

Abstract

While there had been previous attacks against BIOS, they often relied on having a BIOS that was wide open. Only a single previous publication had successfully attacked a BIOS and altered its contents, even though the BIOS should ostensibly be unalterable except in the presence of a signed BIOS update. This talk presented the second-ever BIOS exploit (VU#912156), and a third way to bypass the signed update requirement (VU#255726-not-yet-published).

Publication
In EkoParty 2013, Hack in the Box KUL 2013, PacSec 2013 (VU#912156 material appeared in BlackHat USA 2013)
Xeno Kovah
Dark Mentor Level X

Hacking firmware like it’s no big deal.