16UEFI FIRMWARE VULNERABILITIES
Security products nowadays tend to focus on threats that operate at the high levels of the software stack, and they achieve reasonably good results. However, this leaves them unable to see what’s going on in the dark waters of firmware. If an attacker has already gained privileged access to the system and installed a firmware implant, these products are useless.
Very few security products examine firmware, and those that do only do so from the operating system level, detecting the presence of implants only after they’ve successfully installed and compromised the system. More complex implants can also use their privileged ...
Get Rootkits and Bootkits now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.