![]() ![]() While UEFI malware has been discovered, there is currently only two known pieces of malware that successfully defeat UEFI, and they are both exceedingly rare (and therefor not worth being particularly concerned about, especially since both pieces of software are state-sponsored-level piece of kit). Meanwhile, UEFI is currently still practically secure, though I'll mention the caveat below. UEFI is not foolproof, but it is impervious to traditional rootkits, because all of the infection vectors that previously existed under BIOS are secured as of right now. Rootkits are currently a non-issue on a modern computer (Windows 8 and newer) if from an OEM, because all computers since 2012 and newer require UEFI and SecureBoot to run Windows 8 or newer if they were produced by an OEM. BIOS is simple and security-weak to a significant degree, while UEFI is substantially more secure due to being designed with security in mind (unlike BIOS which was literally intended just to help get from power-on, to loading some form of software with a myriad of different custom tailoring(s) by various OEMs over the years). While there are some pieces of malware out there that can persist through format and reinstallation, they are EXTREMELY rare if you are using modern devices that actually use UEFI versus BIOS. If you don't have the tools to do a proper malware removal, it's pretty much always perfectly safe to just format and reinstall. Luckily, Acer was kind enough to include recovery software within the EFI firmware, and I was able to press a simple hotkey at boot to enter the proprietary wipe and factory reset utility. Bottom line is, at the time being an uneducated high school student, I was unable to repair said "infection" from my machine at the time, and had to do a complete factory reset. It even targeted the poor Windows XP setup utility and tutorial from the System 32 folder. Or, at least disable it to the point of it being "unexecutable" and useless to the user of the machine. This nifty little virus/tool was able to search and scan throughout my entire HDD, every single executable and file on the system that ended in ".exe" and destroy said file from the disk. ![]() So, back to my point about the USB Trojan-Horse I got from a High School workstation. Eventually, I think newer and better "cloud-based" antivirus, and I had pretty much tried them all: MalwareBytes, Avast, Avira, Kaspersky, Norton (bleh), McAfee, IOBit (which is freeware garbage), you name it I've tried it. This was back in the Windows XP days, and I had been using free antivirus at the time (AVG, AdAware, Spybot). Fun historical fact: I was the unlucky recipient of an infected USB drive (my own) that had somehow been programmed to behave like a logic bomb to where as soon as I had plugged it into the USB port in my PC it was going to run automated exploit code like clockwork. ![]() Unlike viruses and malware, these pesky little buggers self-replicate and spread more like an insect/parasite through ones infrastructure. Don't even get me started on worms, as those "worm" their way through networks and enterprise grade telco equipment to get to their destination. Especially if hardware DEP isn't available/just not configured within Windows. They can even manifest in RAM when the PC is operational, as well as the CPU/Processor of the computer. Viruses/Malware can take form in more than just the disk portion of the PC. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |