“A collection of functions for power management, known as the Advanced Configuration and Power Interface (ACPI), has its own high-level interpreted language that could be used to code a rootkit and store key attack functions in the Basic Input/Output System (BIOS) in flash memory, according to John Heasman, principal security consultant for UK based Next-Generation Security Software.
The researcher tested basic features, such as elevating privileges and reading physical memory, using malicious procedures that replaced legitimate functions stored in flash memory.
“Rootkits are becoming more of a threat in general- BIOS is just the next step,” Heasman said during a presentation at the conference. “While this is not a threat now, it is a warning to people to look out.””
Here is some more Tech News from around the web:
- SPAMfighter 4.3.0 Review @ NGOHQ
- Top Products from CES @ eCoustics
- 975X Boards Not Ready For Conroe Yet @ VR Zone
- Abstraction Layers And Their Importance @ ASE Labs
- Scythe Survey Contest Officially Released @ Adrian’s Rojak Pot
- Burning visible images onto CD-Rs with data (beta) @ MAKE:Blog
- Computer Power User (CPU) magazine giveaway @ CaseModGod.com
- Digital Zoom Versus Optical Zoom @ Digital Grabber
- Editing your digital images without the mystery, Part III: compositing @ Ars Technica
- Partial precision to be removed from DirectX 10 @ Elite Bastards
- Fatal1ty; The Next Michael Jordon @ CoolTechZone.com
- HP debuts water cooling system @ CNET
- Intel Viiv Launch @ UKGamer
- Windows VISTA Beta 2 Build 5259 Preview @ ExtremeMHz
Source: The Register
If you thought that getting unexpectedly flashed was for Frosh Week and Football games, you have something new to consider. According to this story from The Register, malicious BIOS flashing could be the next big viral problem for PC’s. This kind of exploit has not been spotted in the wild yet, but it is probably coming … though I suppose it might not be called streaking.