Highest Voted 'uefi' Questions - IT Security Stack Exchange

1

vote

0 answers

Is it possible for malware to overwrite UEFI code when installing an operating system?

If the ISO file for an operating system is malicious, is it possible for it to overwrite UEFI code when booted (If secure boot is disabled)?

operating-systems uefi secure-boot

asked Feb 19 '22 at 14:16

4389759843759

11
1

1

vote

1 answer

Ability of an infected UEFI bios to store data on computer

Suppose the UEFI BIOS is infected. The storage device is encrypted, there is no network access to the system, and RAM is encrypted. Is there any writable storage that an infected UEFI can write to where it can store the screenshots that it had…

system-compromise bios uefi

asked Dec 02 '21 at 09:50

Bob

35
4

1

vote

0 answers

Do anti-cheat software actually "patch" the UEFI firmware on your motherboard?

I've recently read about the new game called Bloodhunt containing an Anti-Cheat, which had a bug, in which the anti-cheat service would stay installed even though the game is removed. The top Steam review called it out as Spyware and the review…

software confidentiality patching threats uefi

asked Oct 28 '21 at 12:05

Sir Muffington

1,447
2
9
22

1

vote

0 answers

Restricting what hard drive can be used with a given machine

I have a machine running CentOS 7 with a removable hard drive. I want to restrict what hard drive can be used with the machine i.e. the machine can only be used with one disk and nothing else. I've been looking in to UEFI secure boot. Can UEFI…

bios centos uefi secure-boot

asked Dec 03 '20 at 06:09

PCL

111
1

1

vote

0 answers

Does (UEFI) secure boot provide security advantages over TPM measured boot?

Given how UEFI secure boot appears later than TPM, i had assumption that it provides advantages over TPM. As i read into each, it appears to me that the TPM measurements to each stage would provide about the same level of integrity guarantee as how…

tpm uefi trusted-boot secure-boot

asked Aug 15 '20 at 23:32

Feiyeung

11
1

1

vote

1 answer

Can website exploit kits contain bootkits?

Can a website exploit kit theoretically contain a bootkit (it flashes your UEFI/BIOS)?

vulnerability websites bios uefi exploit-kits

asked Oct 21 '19 at 18:33

Sir Muffington

1,447
2
9
22

1

vote

0 answers

using sha256 to check for boot tampering

Consider the following machine: Dual Boots to two OSes, OS "A" and OS "B" OS "A" is trusted The bios is trusted. The root partition of OS "A" is encrypted OS "A" doesn't support secure boot OS "B" is not trusted. shim/refind is installed with…

tpm bios uefi

asked Dec 22 '18 at 02:37

redfish64

111
1

1

vote

2 answers

Meltdown & UEFI

I've been trying to understand the risk of an unprotected BIOS being the victim of an UEFI attack using Meltdown and what the risks are compared to the bug being unpatched in the OS. What is required in order to insert UEFI malware? Is this possible…

meltdown uefi

asked Jan 11 '18 at 14:46

JLo

237
1
7

1

vote

2 answers

Would it add security to set a GRUB password if HDDs are encrypted and UEFI settings can be opened anyway?

So I'm using Debian 9.1 with KDE and have my hard drives encrypted. Now I'm wondering whether to additionally add a GRUB password as described here. Would that make sense? As the hard drives are encrypted nobody should be able to boot/access them…

passwords boot uefi grub

asked Aug 01 '17 at 13:16

mYnDstrEAm

319
2
17

1

vote

1 answer

Full disk encryption for UEFI non-OS GPT drives? (VeraCrypt)

Is there a way to fully encrypt UEFI GPT non-system drives? I'd like to use the open source successor of TrueCrypt VeraCrypt. Also I'm interested in whether it also works for two drives that were virtually merged into a single drive.

disk-encryption veracrypt uefi

asked Feb 21 '17 at 09:24

mYnDstrEAm

319
2
17

1

vote

1 answer

Yubikey for signing efi images, could not find token

I am trying to sign an efi image with a Yubikey 4 I configured Yubikey with the following: yubico-piv-tool -k $key -a import-key -s 9c < test-key.rsa yubico-piv-tool -k $key -a import-certificate -s 9c < test-cert.pem I included the certificate in…

yubikey uefi pkcs11

asked Nov 11 '16 at 11:39

Lilás

339
2
7

1

vote

1 answer

How not to be hacked through Computrace?

Computrace can be used by hackers. I would like if someone can explain in plain language (for mere mortal) how in what circumstances Computrace can be used by hackers (Am I vulnerable always or if I use administrator account etc) and what to do to…

windows bios uefi

asked Oct 13 '16 at 17:23

R S

225
2
7

1

vote

1 answer

How is a software update done securely?

So a secure boot process starts with a hardware based chain of trust. The root public key is baked into the ROM which is used to verify the low level boot loader which in turn boots the kernel. With this implemented, a software update will then be…

operating-systems updates uefi

asked Oct 03 '16 at 00:47

user220201

893
9
22

1

vote

0 answers

Why was I able to run Sharpkeys even though it isn't signed and Windows 10 Device Guard was enabled?

It didn't trigger SmartScreen but it was still unsigned. I enabled Device Guard right after setting up Windows, so I'm pretty sure it isn't hacked I was also able to install and run TPfancontrol EDIT: so apparently it's actually a really involved…

windows-10 uefi

asked Sep 28 '16 at 16:53

genealogyxie

431
3
13

1

vote

1 answer

Are UEFI vulnerable to the same password bypass techniques as BIOS?

I'm trying to understand if the old school ways of bypassing a BIOS password (flip the BIOS jumper or remove the CMOS battery) still affect (some or all) modern UEFI? If not, what protections do modern UEFI implement that prevent it?

passwords bios uefi

asked Jul 14 '16 at 12:28

Juicy

1,407
4
16
31

Questions tagged [uefi]