Abstract
The paper presents an overview of current attacks on BIOS and Intel ME embedded software of modern Intel-based computers. We describe the results of the analysis of its security for system boards of basic manufacturers. We also allocate classes of attacks that make it possible to create implants whose discovery by traditional methods of searching for undeclared features becomes impossible or extremely difficult.
Similar content being viewed by others
REFERENCES
Ermolov, A., Bypassing Intel Boot Guard, 2017. https://embedi.com/blog/bypassing-intel-boot-guard.
Ververis, V., Security Evaluation of Intel’s Active Management Technology, 2010. https://people.kth.se/~maguire/ DEGREE-PROJECT-REPORTS/100402-Vassilios_Ververis-with-cover.pdf.
Wojtczuk, R. and Tereshkin, A., Introducing Ring -3 Rootkits, 2009. https://invisiblethingslab.com/resources/ bh09usa/Ring%20-3%20Rootkits.pdf.
Ermolov, M. and Goryachy, M., How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel ME, 2018. http://blog.ptsecurity.com/2018/01/running-unsigned-code-in-intel-me.html.
Sklyarov, D., Intel ME 11.x Firmware Images Unpacker. https://github.com/ptresearch/unME11.
Sklyarov, D., Intel ME 12.x Firmware Images Unpacker. https://github.com/ptresearch/unME12.
Skochinsky, I., Rootkit in your laptop: Hidden code in your chipset and how to discover what exactly it does, 2012. http://me.bios.io/images/c/ca/Rootkit_in_your_laptop.pdf.
Ermolov, A., Schrödinger Trusted Boot Intel Boot Guard, 2017. https://dsec.ru/wp-content/uploads/pdf-dsec-old/.
Ermolov, M. and Goryachy, M., Disabling Intel ME 11 via undocumented mode, 2017. https://www.ptsecurity.com/ upload/corporate/ww-en/analytics/Intel-ME-disable-eng.pdf.
Kallenberg, C. and Wojtczuk, R., Speed Racer: Exploiting an Intel Flash Protection Race Condition. http://composter.com.ua/documents/Exploiting_Flash_Protection_Race_Condition.pdf.
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by L. Kartvelishvili
About this article
Cite this article
Pankov, I.D., Konoplev, A.S. & Chernov, A.Y. Analysis of the Security of UEFI BIOS Embedded Software in Modern Intel-Based Computers. Aut. Control Comp. Sci. 53, 865–869 (2019). https://doi.org/10.3103/S0146411619080224
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411619080224