BIOS/UEFI (FIRMWARE) Flashcards
What is the Basic Input/Output System (BIOS)?
It is a crucial element of computer systems (ex of firmware) that initializes hardware components and facilitates the boot process (stored in ROM). The BIOS ensures a computer starts up properly and effectively interacts with its hardware. Originally, BIOS was a simple program stored on a ROM chip on the motherboard. It provided basic instructions for the computer to start and load the operating system. When you press the start button, the BIOS checks that the essential hardware is connected and available for operation. It uses complimentary metal oxide semiconductor or CMOS battery is a small coin-shaped battery on the motherboard that powers the CMOS memory chip. Over time, BIOS has evolved to adapt to changing hardware and software requirements.
What is Unified Extensible Firmware Interface (UEFI)?
Modern systems use this to replace traditional BIOS. UEFI offers enhanced features and capabilities, such as support for more extensive storage devices and improved security measures. UEFI offers enhanced features, improved security benefits, and better performance than legacy BIOS. While both systems may exist in tandem on a computer, it is more efficient to use the UEFI to coordinate preferred startup settings. One notable advancement of UEFI is that it enables more complete booting architectures. UEFI uses a 64 bit architecture aka Global Unique Identifier (GUID).
What is firmware vs a driver?
Firmware, much like a driver, is a small piece of code that lies in the center of a device embedded at the time of manufacture. The distinction between firmware and a driver is that firmware is the prime directive for the devices. It includes the instructions that determine how it will behave. In contrast, the driver’s role is to enable interaction between different devices or
between the operating system and the device.
What benefits of UEFI?
-Work w/GPT partitions
-Uses crytography (keys)
-Custom software
-Compatible modern
hardware
-Uses advanced
encryption
-Complex booting
architecture
Why is it important for UEFI updates?
-Enhanced hardware
compatibility
-Improved system stability
-Security patches
What’s a rootkit?
These programs hide malicious code within the system, allowing malicious actors to gain backdoor entry as demonstrated in the screenshot below. This stealthy means of access allows attackers to gain unauthorized access and control whenever the system boots up.
What’s a bootkit?
Designed to infect the boot process, bootkits intercept control before the operating system loads, enabling them to launch further attacks. They are very similar to Rootkits in that they can act as a backdoor for other viruses. However, they differ in that they act before the operating system is loaded. This deeper level of integration makes them very challenging to detect. They can scan information as the operating system interprets it.
What’s a firware flashing malware?
Malicious code can directly modify the UEFI firmware, potentially causing permanent damage or compromising the system’s integrity. The firmware is the prime instructions for the device. An attack of this nature is like setting an attack on the blueprints of a building.
What are UEFI vulnerbilities?
-Complex codebase
-Outdated firmware
-Misconfigurations
How do you safeguard UEFI against issues/threats?
-Reg firmware updates
-Secure boot
-“ “ config
-UEFI security audits
