LightEater Malware via Unpatched BIOSes

[carnageX]

So this is pretty interesting:

LightEater malware attack places millions of unpatched BIOSes at risk

The malware can be used to infect huge numbers of systems by creating SMM (System Management Mode) implants which can be tailored to individual BIOSes with simple pattern matching. A BIOS from Gigabyte was found to be particularly insecure.

 

[zaka100]

Cool, I wanna test that virus on vbox!!!

 

[C0RR0SIVE]

Not cool... This is a major security issue that no manufacture wants to deal with and they are just going to continue to ignore it while governments, and malware authors continue to abuse it. I would say most all this was intentional to begin with so BigBrother could get privy with us.

 

[Joe C]

I guess we all need to re-flash our bios on a weekly basis now

Edit: on second thought....We probably have the Chinese making our bios chips, and we are worried about the U.S. govt?

 

[C0RR0SIVE]

True dat. The sad fact is, manufactures refuse to release BIOS updates after so many months. I have a $300 motherboard that had ONE update, 6 months after release, and no more after that. Yet the BIOS for it is still busted.

 

[carnageX]

True dat. The sad fact is, manufactures refuse to release BIOS updates after so many months. I have a $300 motherboard that had ONE update, 6 months after release, and no more after that. Yet the BIOS for it is still busted.

Better learn how to BIOS mod .

 

[Joe C]

True dat. The sad fact is, manufactures refuse to release BIOS updates after so many months. I have a $300 motherboard that had ONE update, 6 months after release, and no more after that. Yet the BIOS for it is still busted.

Why require a new bios to flash?
Just re-flash with the same bios version. If the existing bios has something added that is unwanted, re-flashing even with the same version will remove what ever it was