Get Out of My BIOS: Fundamentals of Integrity Measurement

John Storts

We once thought that our computers' BIOS, which is responsible for initializing hardware and loading and starting our operating systems, was pretty safe. Thanks to Trojan.Mebromi, the BIOS-targeting malware discovered last fall, you have every reason to fear that cyber criminals plan to exploit this avenue.


Trojan.Mebromi, a rootkit, re-flashes the infected computer's motherboard BIOS, then adds malicious code early in the boot-up routine that changes the computer's master boot record (MBR). As Matt Smith of MakeUseOf sums up:

In doing so, this Trojan hides in a place where anti-virus programs can't look and executes its payload in an environment where they don't exist.

The fact that your AV can't detect it at all makes this Trojan even more nefarious, but there is some comfort: it's common knowledge in the security world that Mebromi takes advantage of a flaw in the BIOS from only one maker (Award). Moreover, the malware can't affect 64-bit operating systems and must have escalated user privileges, so UAC (User Access Control) should protect your desktops and laptops from harm. For now.


The IT Downloads library includes two essential tutorials on keeping malware and other nasties out of your BIOS: BIOS Integrity Measurement Guidelines and BIOS Protection Guidelines, both provided by the National Institute of Standards and Technology.
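
To make the integrity-measurement idea concrete for the MBR that Mebromi rewrites, here is an added example (not from the original post or the NIST guidelines). It hashes the MBR's bootstrap code separately from its partition table and compares both against a known-good baseline, so a legitimate repartition is distinguishable from a change to boot code. The function names and the sample sectors are constructed for illustration.

```python
import hashlib

SECTOR_SIZE = 512
CODE_END = 440        # bytes 0..439: bootstrap code
PTABLE_START = 446    # bytes 446..509: four 16-byte partition entries
PTABLE_END = 510
BOOT_SIG = b"\x55\xaa"  # bytes 510..511: boot signature


def measure_mbr(sector: bytes) -> dict:
    """Return separate SHA-256 measurements for the regions of a classic MBR."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector must be exactly 512 bytes")
    table = sector[PTABLE_START:PTABLE_END]
    return {
        "boot_code": hashlib.sha256(sector[:CODE_END]).hexdigest(),
        "partition_table": hashlib.sha256(table).hexdigest(),
        "signature_ok": sector[PTABLE_END:] == BOOT_SIG,
    }


def compare(baseline: dict, current: dict) -> list:
    """List the regions whose measurement differs from the baseline."""
    findings = []
    if not current["signature_ok"]:
        findings.append("boot signature missing")
    if current["boot_code"] != baseline["boot_code"]:
        findings.append("boot code changed")
    if current["partition_table"] != baseline["partition_table"]:
        findings.append("partition table changed")
    return findings


def sample_mbr(code_byte: int, first_entry: bytes) -> bytes:
    """Build a constructed 512-byte sector (not a real boot loader)."""
    code = bytes([code_byte]) * CODE_END
    disk_sig = b"\x00" * 6                  # bytes 440..445
    table = first_entry.ljust(64, b"\x00")  # one entry, three empty slots
    return code + disk_sig + table + BOOT_SIG


# Constructed samples: a baseline, a repartitioned disk, and altered boot code.
GOOD = sample_mbr(0x90, b"\x80" + b"\x01" * 15)
REPARTITIONED = sample_mbr(0x90, b"\x80" + b"\x02" * 15)
TAMPERED = sample_mbr(0xCC, b"\x80" + b"\x01" * 15)

if __name__ == "__main__":
    baseline = measure_mbr(GOOD)
    for name, sector in [("repartitioned", REPARTITIONED), ("tampered", TAMPERED)]:
        print(name, compare(baseline, measure_mbr(sector)))
```

On a real machine, take the measurement from trusted boot media rather than from the running operating system, since a rootkit active in the OS can return a clean copy of the sector.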
