BIOS Protection Guidelines
Modern computers rely on fundamental system firmware, commonly known as the system
Basic Input/Output System (BIOS), to facilitate the hardware initialization process and
transition control to the operating system. The system BIOS is typically developed by
both original equipment manufacturers (OEMs) and independent BIOS vendors, and is
distributed to end users by motherboard or computer manufacturers. Manufacturers
frequently update system firmware to fix bugs, patch vulnerabilities and support new
hardware.
Malicious code in the system BIOS is a significant security threat because the BIOS
executes very early in the boot process and initializes many key hardware and software
components. While there are a variety of threats to the integrity of the system BIOS,
this guide is focused on preventing the update of the system BIOS by malicious
software. The security controls and procedures specified in this document are oriented
to desktops and laptops deployed in enterprise environments.
The attached Zip file includes:
- Intro Page.doc
- Cover Sheet and Terms.pdf
- BIOS Protection Guidelines.pdf