Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Windows IT

Unkillable UEFI Malware Bypassing Secure Boot Enabled By Unpatchable Windows Flaw (arstechnica.com) 115

Researchers have announced a major cybersecurity find -- the world's first-known instance of real-world malware that can hijack a computer's boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows. From a report: Dubbed BlackLotus, the malware is what's known as a UEFI bootkit. These sophisticated pieces of malware hijack the UEFI -- short for Unified Extensible Firmware Interface -- the low-level and complex chain of firmware responsible for booting up virtually every modern computer. As the mechanism that bridges a PC's device firmware with its operating system, the UEFI is an OS in its own right. It's located in an SPI-connected flash storage chip soldered onto the computer motherboard, making it difficult to inspect or patch. Because the UEFI is the first thing to run when a computer is turned on, it influences the OS, security apps, and all other software that follows. These traits make the UEFI the perfect place to run malware. When successful, UEFI bootkits disable OS security mechanisms and ensure that a computer remains infected with stealthy malware that runs at the kernel mode or user mode, even after the operating system is reinstalled or a hard drive is replaced.

As appealing as it is to threat actors to install nearly invisible and unremovable malware that has kernel-level access, there are a few formidable hurdles standing in their way. One is the requirement that they first hack the device and gain administrator system rights, either by exploiting one or more vulnerabilities in the OS or apps or by tricking a user into installing trojanized software. Only after this high bar is cleared can the threat actor attempt an installation of the bootkit. The second thing standing in the way of UEFI attacks is UEFI Secure Boot, an industry-wide standard that uses cryptographic signatures to ensure that each piece of software used during startup is trusted by a computer's manufacturer. Secure Boot is designed to create a chain of trust that will prevent attackers from replacing the intended bootup firmware with malicious firmware. If a single firmware link in that chain isn't recognized, Secure Boot will prevent the device from starting.

This discussion has been archived. No new comments can be posted.

Unkillable UEFI Malware Bypassing Secure Boot Enabled By Unpatchable Windows Flaw

Comments Filter:
  • read-only jumper (Score:5, Informative)

    by OrangeTide ( 124937 ) on Monday March 06, 2023 @02:27PM (#63347791) Homepage Journal

    Back in the old days you had to physically move a jumper to flash your firmware. Because it turns out you didn't want some remote actor doing it for you when you aren't around.

    • Back in the old days you had to physically move a jumper to flash your firmware. Because it turns out you didn't want some remote actor doing it for you when you aren't around.

      That's fine for your home PC; it's not so convenient when you're trying to update the hundreds or thousands of desktops being used by your company.

      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Monday March 06, 2023 @02:38PM (#63347849)
        Comment removed based on user account deletion
        • Comment removed (Score:4, Insightful)

          by account_deleted ( 4530225 ) on Monday March 06, 2023 @02:39PM (#63347863)
          Comment removed based on user account deletion
          • by Luckyo ( 1726890 )

            Exact diametric opposite. Ergonomics are critical. Good hardware is critical. Conveniently placed restroom facilities are critical.

            Heck, even convenient ways to clock in are critical.

            • Comment removed based on user account deletion
        • by dvice ( 6309704 )

          NIST no longer recommends scheduled password changes, because it is bad for security. It is also bad for convenience. So when you get rid of it, you are going left and right at the same time.

          • Re: (Score:3, Insightful)

            by olmsfam ( 1399493 )
            This is often misquoted. Their actual recommendation is to disable scheduled password changes in lieu of Multi factor auth mechanisms. And these are in fact, very inconvenient.
      • by Etcetera ( 14711 ) on Monday March 06, 2023 @02:39PM (#63347859) Homepage

        Back in the old days you had to physically move a jumper to flash your firmware. Because it turns out you didn't want some remote actor doing it for you when you aren't around.

        That's fine for your home PC; it's not so convenient when you're trying to update the hundreds or thousands of desktops being used by your company.

        Are you kidding? That's exactly how you prevent your entire company falling victim to a ransomware infection all at once. And if you're referring to server hardware, the cost of paying a DC Ops guy to manually verify and coordinate firmware updates via physical button press with your Sustained Operations team initiating it is trivial compared to the cost of a mass attack -- especially one that results in hardware you're really not sure you can trust again.

        • Re:read-only jumper (Score:4, Interesting)

          by AmiMoJo ( 196126 ) on Monday March 06, 2023 @03:50PM (#63348099) Homepage Journal

          That's exactly how you get ransomware. None if it writes to the UEFI flash memory, but some of it does take advantage of flaws in UEFI to infect machines.

          If you have to manually open thousands of machines, install an update, and then close them back up, it's not going to get done in a timely manner, or maybe not at all.

          Because you probably don't want to be doing that every month, you will be trying to figure out from the release notes if you really need it for security reasons, or if it's just performance related. Naturally, patches that fix security flaws tend to be rather vague about what they are doing, so as not to help bad actors develop exploits.

          • by codebase7 ( 9682010 ) on Monday March 06, 2023 @06:21PM (#63348643)

            Because you probably don't want to be doing that every month.

            That's proof of bad design. The entire point of a secure IPL is to load the basic security components of the OS. (Trusted public keys, encryption algs, and binary loader.) It shouldn't require monthly updates.

            If anything it should be small enough that a sane group can do a through security review, and only do what is absolutely necessary to get the security system started. Everything else should be validated by the started security system. Using it's own keys that are embedded in the security system binary. And if you're wondering, No Windows doesn't follow this practice at all.

            if you really need it for security reasons, or if it's just performance related

            Again, a performance related patch shouldn't be allowed in the basic security components. That's something that would require complete re-validation testing / certification from any compliance tester / regulator worth their salt. I.e. Something that happens during a major OS upgrade, not a bugfix patch on Tuesday.

            If you have to manually open thousands of machines, install an update, and then close them back up, it's not going to get done in a timely manner, or maybe not at all.

            That is something that should only need to be done once. If it's happening multiple times without having a major OS replacement / redeploy, then once again, it's proof of a bad security design.

            This is purely Microsoft's fault, not UEFI's and Microsoft should be held accountable for this crap.

            • by AmiMoJo ( 196126 )

              Nvidia made that mistake. The Nintendo Switch was hacked because a flaw was found in the very early loader code that is stored in ROM and cannot be updated, so Nvidia and Nintendo can't do anything about it.

              In any case, on a PC the UEFI has to be somewhat complex to boot the machine. The boot device has to be set up and read, the display has to work for diagnostic info. On a laptop that might require Thunderbolt to be working too. USB has to work for the keyboard.

              Often they do segment the flash memory so th

              • Nvidia made that mistake. The Nintendo Switch was hacked because a flaw was found in the very early loader code that is stored in ROM and cannot be updated

                The mistake was to not use formal verification for a crucial security component.

          • by sjames ( 1099 ) on Monday March 06, 2023 @07:07PM (#63348773) Homepage Journal

            A nice thing about jumpers is that you can connect a switch. So you don't need to open it up, but you do need to be physically present.

            For a lights out situation, you can even make that switch remotely operated by a machine that is far less accessible over the net than the servers it helps manage. Not quite as secure, but better by far than a machine with no firmware write disable at all.

            • by AmiMoJo ( 196126 )

              Is there any company anywhere that has actually implemented this for their desktop and laptop computers? I mean back in the day when there were physical jumpers.

              • by sjames ( 1099 )

                I never needed it for firmware, but I rigged several machines so I could reset them remotely. I wired the jumpers for the reset button to an admin machine's parallel port. Something like that could easily connect to write enable jumpers instead, though today when nobody has a parallel port where the individual pins can be addressed for DIO, I would use an Arduino connected to an admin machine's USB, or use a RaspberryPI or clone.

      • But wouldn't it be swell if I could buy a computer where I can actually HAVE that because I just know that tomorrow is going to be a really, really unpleasant day at work when our management wants to know how we can mitigate that?

        • It would be swell. That's why you can't have it.

          Hardware manufacturers want to maintain control over that hardware after we buy it. That's why they won't let us flash these things or otherwise access them to protect ourselves from attacks like this. They just tell us to trust them, and of course they immediately let us down.

          And there are too few competitors in this domain for us to just switch. They all do this. And this [sysjolt.com]. And probably others that they have kept so secret only they, and a few criminal

      • What might be workable is a compromise, by reducing what is flashed, so only something affecting UEFI or the boot process, as well as the BIOS validation engine would require a physical presence to do a BIOS flash. In a company, it may be expensive, but doing this will ensure the hardware isn't in a compromised state if a rogue package jumps out of the hypervisor and decides to do a ninja firmware upgrade.

        It would be only a few packages, so that something that patches other parts of the system wouldn't hav

      • That's fine for your home PC; it's not so convenient when you're trying to update the hundreds or thousands of desktops being used by your company.

        Desktops? Who cares? Servers, worth it. They should have a switch, though, so you don't have to open the case. Preferably a key lock switch, just to raise the bar however slightly.

      • That's fine for your home PC; it's not so convenient when you're trying to update the hundreds or thousands of desktops being used by your company.

        Yes, it's inconvenient as hell, but the risk/disaster ratio is something to consider.

        Having hundreds or thousands of your company's desktops compromised might very well cripple the company to the point of failure. In that case, manually fiddling with thousands of PC jumpers would probably be worth it.

        It's a huge pain in the ass for sure, but when failure is not an option sometimes you have to go the extra distance.

      • by vbdasc ( 146051 )

        That's fine for your home PC; it's not so convenient when you're trying to update the hundreds or thousands of desktops being used by your company.

        The mere fact that updating motherboard's firmware has become one of the corporate "best practices" is one of the biggest fails of the whole UEFI/secure boot/etc idea. Maybe the single biggest one, a truly epic fail.

    • Back in the old days you had to physically move a jumper to flash your firmware. Because it turns out you didn't want some remote actor doing it for you when you aren't around.

      the UEFI is an OS in its own right.

      Back in the day, BIOS wasn't so damn powerful, and could still be limited as you've stated.

      • Back in the day bootloader malware existed just as it did now with even more power (since there was nothing to prevent it from happening what so ever). It's the reason secure boot was developed in the first place.

        • But as we can see now, secure boot isn't that secure, is it?

          • But as we can see now, secure boot isn't that secure, is it?

            Indeed. I heard someone died while wearing a seatbelt which shows that seatbelts are useless. /s

            Please do a bit of research. You'll find that secure boot is perfectly fine. This is not a secure boot bug. They exploited a *windows* bug, and went to incredible pains to do so unlike the bootload malware of the past for which there was literally nothing hindering it making it so incredibly prevalent that every anti-virus scan specifically included a reboot loop and a check of your boot system in attempts to fin

            • by vbdasc ( 146051 )

              Please do a bit of research. You'll find that secure boot is perfectly fine. This is not a secure boot bug. They exploited a *windows* bug

              Nonsense. The whole point of existence of secure boot is that bugs in their payloads (operating systems) are expected and anticipated, and by design it should be immune from compromising originating from the exploited payload. Especially persistent compromising as in this case. Unfortunately, this design goal has failed.

              If Windows had no bugs, nobody would need secure boot in the first place.

            • Secure boot is supposed to let you know the boot files have been tampered with. If it doesn't do that, it's broken, and you can't blame that on Windows.

    • Yeah that would be "actually secure" as opposed to "SecureBoot" or "secured by M$ and pals." Apparently, corporate assholes somewhere else MUST have rights to flash your firmware or I'm told the world will end or there will be "no more progress". Next step, let's confiscate all computers that cannot be centrally controlled!
    • by lsllll ( 830002 )
      I agree that moving a jumper, or better yet, a push-button as part of the MB back panel, is way more secure, but then flashing servers in a data center becomes a very tedious and expensive chore.
      • > a very tedious and expensive chore

        More or less expensive than dealing with ransomware?

        =Smidge=

      • I agree that moving a jumper, or better yet, a push-button as part of the MB back panel, is way more secure, but then flashing servers in a data center becomes a very tedious and expensive chore.

        Nothing says poor security like giving someone a button to make them feel immortal while not actually protecting the user. This malware doesn't modify UEFI. It would not be protected by making the firmware read-only. There's a reason it exploits a *windows flaw* to boot the system.

        • by sjames ( 1099 )

          The exploit sets a (new) Machine Owner Key. That is a very sensitive operation that should require physical presence.

      • sounds like a job for "lights out management" on a separate isolated network
      • I agree that moving a jumper, or better yet, a push-button as part of the MB back panel, is way more secure, but then flashing servers in a data center becomes a very tedious and expensive chore.

        It wouldn't be so tedious nor expensive if the folks who pushed this onto the computing world had thought it through. All that's required is a connector on the PC which, via a relay or properly buffered direct connection, "pushes the button". Then there's a secondary cable or fiber loop running from server to server, connecting all the modules which plug into that connector. The physical layer, protocol, module design, etc. may be standard or custom, the only caveat being that they are not connected to any

        • Serial console servers are still a good idea.
          They could be cheap today - any SoC with USB multiplexers would do fine.
          Your devops can write the config files.

          IPMI saves a few bucks by putting all that on a more expensive chip in every device to save wiring costs and decrease security.

          Those IPMI stacks usually can't do 802.1x, VLANs, or anything sensible and they almost never get audits or updates.

          OpenBoot wins here.

          • Serial console servers are still a good idea.
            They could be cheap today - any SoC with USB multiplexers would do fine.

            If you didn't care about reliability, you could build them out of arduino megas or something. They have four hard ports, plus you could add a bunch of soft ports too. But I think you'd rapidly get to the point where you'd want something like IPMI, just for cabling reasons. It's a lot easier to add another network wire to each server than to now have to dick with serial wiring as well.

            What we need instead of specifically IPMI, though, is a standard internal connector where we can connect whatever management

    • Back in the old days you had to physically move a jumper to flash your firmware.

      This wouldn't have been stopped by that and it didn't prevent bootsector malware from existing back then either. This UEFI Bootkit is installed on the bootable portion of the drive. It has nothing to do with the UEFI other than using a specific flaw to bypass the secure boot check. It's essentially an additional bootloader sitting between the UEFI and the windows bootloader, precisely the kind of thing secureboot was intended to protect against.

      What the read only jumper prevents is UEFI firmware implants, b

    • Back in the old days you had to physically move a jumper to flash your firmware. Because it turns out you didn't want some remote actor doing it for you when you aren't around.

      Back in my day you had to pry a EPROM out of its socket, remove the tape covering over the window and put it in a UV eraser. Only then could you write to it using a dedicated EPROM programmer. Now THAT'S security.

    • by AmiMoJo ( 196126 )

      Properly designed UEFI firmware shouldn't need such a jumper. The way it works is that the UEFI code is the only code that can write to flash. It locks the flash memory into read only mode at boot time, and the only way to make it writable again is a power cycle.

      The UEFI does all the updating. It requires signed updates stored in a special partition on the boot drive. Malware would need to bypass the signature check, or obtain the private key.

      If you are paranoid then a jumper is an option, but realistically

  • Only after this high bar is cleared...

    Every virus infection in history has managed to clear that bar so maybe it's not quite so high or "formidable" as author thinks it is. Just sayin.

    • Every virus infection in history has managed to clear that bar so maybe it's not quite so high or "formidable" as author thinks it is. Just sayin.

      That's nonsense. First, you can absolutely have a virus infection on a system which only affects your user profile and files, and still lose data. But beyond that, even many very popular operating systems of the past had no security whatsoever. There are no popular operating systems today which fit this description that I'm aware of, although DOS is still used a whole lot in antiquated-but-still-functional industrial systems.

      The vast majority of the virus infections I've had on my own systems have been in D

  • "One is the requirement that they first hack the device and gain administrator system rights, either by exploiting one or more vulnerabilities in the OS or apps or by tricking a user into installing trojanized software. Only after this high bar is cleared..."

    Uh, given the number of exploits that define this process as basically Hacking 101, I'm just curious. How high up you think that bar is?

    From Reality's angle, it looks to be about 2 clicks off the ground, with Ignorant and Gullible behind the keyboards as usual.

  • Is this the "better" we were promised with UEFI? Just curious.
    • by AcidFnTonic ( 791034 ) on Monday March 06, 2023 @02:35PM (#63347833) Homepage

      Microsoft made it harder for everyone else to install linux, wasn't that the point?

      • Oh No! You have to disable secure boot in the BIOS.

        Otherwise it's nice not having to hope you updated the MBR or didn't accidentally move the boot image to another sector within the filesystem without that MBR update.
        • And guess what, as we just found out, whether you disable secure boot means fuck all for your security.

          • Except that's not the case at all. Please go read up on the topic before you run your ignorant mouth. This isn't a secure boot bug.

    • by Entrope ( 68843 )

      In theory, it's a great approach to securing the platform. In practice, it suffers from Windows-ization: Feature bloat and attempts at lock-in leading to serious bugs all around. Apple has probably done the most effective job of securing the boot chain, but Apple's solution is very proprietary both in terms of the boot protocol and the hardware that implements it.

    • by lsllll ( 830002 )
      I'm not a fan of UEFI, mainly because it was some FUD that was fed to us and we all knew it's just another computer program that's exploitable. But you do have to admit that it did make things more difficult for hackers.
      • by Burdell ( 228580 )

        If you are "not a fan of UEFI", it's probably because you've eaten the FUD you've been fed about SecureBoot (one optional feature of UEFI). The old BIOS was such a pile of hacks built on extensions built on compromises based on a 1981 design for booting 8088s in 16-bit mode. It should have been left in the dustbin years ago; at least Intel FINALLY stopped supporting it a couple of years ago.

        And complaining that SecureBoot isn't 100% secure is like saying you shouldn't put a lock on your door because somebod

        • by dvice ( 6309704 )

          If you think that a lock in your door helps, you need to watch this video that shows how long it takes to "break" into your house. https://www.youtube.com/watch?... [youtube.com]

          Well obviously it requires skill to be that fast, but if you watch more of his videos, it should become obvious that some locks are so bad that they open just by slapping them with a hand.( https://www.youtube.com/watch?... [youtube.com] )

          And if you watch 20 videos or so, you won't trust any lock ever again. The maker of the videos has said that he is making

          • by Rhipf ( 525263 )

            because normal people don't know about these issues.

            This is the reason that locks still make sense. Locks aren't 100% effective (is anything?) but it keeps the vast majority of people out of your stuff.

        • by Luckyo ( 1726890 )

          That moment when you don't realize that the same old booting process still exists. It's just moved from BIOS to CPU itself. Search for IME and PSP for Intel and AMD respectively.

          And those things are far more awful than old bioses. They're highly secretive nowadays, but hacks we've seen utilize things like web servers built into them by default.

    • Is this the "better" we were promised with UEFI? Just curious.

      Better in the way of features you didn't really ask for? Fuck Yes. Global leaders. Dunno about you, but I know of no one who asked for most of the features in the $1000 smartphone that used to be half that cost.

      Making an 8K 5" screen is enough to make Hollywood directors go blind, but I'll be damned if we won't eventually see 32K screens with consumers that swear they can tell the difference. Much like the audiophiles that insist they need 100,000Hz headphones.

    • Re: (Score:2, Insightful)

      by thegarbz ( 1787294 )

      Is this the "better" we were promised with UEFI? Just curious.

      Yes very much so. Whereas in the past boot process was a free for all for any software to tamper with, it now requires exploiting specific bugs in OS code.

      That is by every definition of the word better. If you're after "perfect" security then I have some really sad news for you...

      • by AmiMoJo ( 196126 )

        About 25 years ago the local computer repair shop had a huge stack of motherboards with BIOS chips wiped by malware.

        Back then a lot of manufacturers didn't put BIOS images on their websites. Not that they had a programmer for the chips anyway.

  • New UEFI acronym (Score:4, Insightful)

    by Gim Tom ( 716904 ) on Monday March 06, 2023 @02:50PM (#63347905)
    Maybe UEFI now means Unlimited Ease For Infection?
  • Is it Way-Fee? Wee-Fee? You-Fee?
    • by myrdos2 ( 989497 )
      "Whiffy." As in, "This ham has been laying in the sun all day, and is starting to get a bit whiffy."
  • A lot of the posts on this story so far are about write protecting UEFI or UEFI being too complex etc etc. This is not exploiting UEFI. It's exploiting the *Windows* boot process and sitting itself as a form of bootloader between UEFI and Windows. It is precisely what Secure Boot was designed to protect against, but (as usual) the weak chain in the link (Windows) broke.

    And for all those kneejerkers who are saying "see secure boot doesn't work". I highly recommend you only drive cars without airbags or seatb

    • by DarkOx ( 621550 )

      I think the real issues is MICROSOFT, they essentially set themselves up as the authority that gets to decide who is responsible enough, who has enough process in place, who has deep enough pockets to get a get - then they f'up and open the door to exploits....

      Microsoft should have never been allowed to be come the entity that control the keys. Its highly anti-competitive. Some sort of IANA like organization should have been formed.

      • I think the real issues is MICROSOFT

        No that's just a completely off topic anti-secure boot rant you made up in your head that has nothing to do with what is going on.

        Microsoft should have never been allowed to be come the entity that control the keys. Its highly anti-competitive.

        Microsoft doesn't control any keys. You do. Installing a key into UEFI is trivial and available to everyone for all but specific special purpose devices (reads: ARM, Chromebooks, and Apple (well they aren't even playing)). The only thing Microsoft has done is gotten their keys enabled by default.

        They have also shown to be quite willing to cross-sign keys for other OSes, and as a

        • by DarkOx ( 621550 )

          Damn dude you're post has some major spin. Here let me point out the important parts for you:

          The only thing Microsoft has done is gotten their keys enabled by default.

          So Microsoft can package up bootable media without talking to anyone else or getting users to do things that every security practitioner tells them not to do. Everyone else gets to wait for Microsoft to bless them.

          willing to cross-sign keys for other OSes, and as a stipulation of Windows device certification that basically every manufacturer gets they require the keys to be customisable by the user.

          Right again you're options are get microsoft's blessing, ask user's do things that will confuse and scare them. As to Microsoft's willingness, sure if you PAY them!

        • by blackomegax ( 807080 ) on Monday March 06, 2023 @07:47PM (#63348855) Journal
          Secure Boot is the devil's work, plain and simple. Manufacturers are trying to control what you can and can't do with your own damn devices. They want you to use only their approved software, like they're some kind of tech overlords or something. And don't even get me started on the little guys - small software developers are getting screwed over by Secure Boot. They don't have the resources to obtain digital signatures from every manufacturer out there, so they're left out in the cold. This is like a digital caste system or something, and it's not right. And let's not forget about ownership. When you buy a device, it's supposed to be yours to do with as you please. That's like the whole point of ownership, right? But with Secure Boot, manufacturers are trying to maintain control over your devices even after you've forked over your hard-earned cash. So, if you're someone who values freedom, innovation, and ownership, you need to stand up and fight against Secure Boot. Don't let the manufacturers win - take back control of your devices and use them however you damn well please!
    • It seems to be down to two bugs in the Windows boot process. First, by specifying particular parameters for loading the fake boot application, you can convince the bootloader to throw away the security policy it loaded earlier. The more fundamental bug is that it appears the bootloader treats the fact that there are no policies loaded as meaning "allow everything" when a secure application should default to "deny everything".

      And it's not unpatchable as such, though fixing it is a headache. Fixing the bootlo

      • by thegarbz ( 1787294 ) on Monday March 06, 2023 @05:19PM (#63348451)

        But the bootkit could just reinstall the earlier bootloader with the bugs in, which would pass validation unless Microsoft revokes it.

        Not just "could" the bootkit actively does this. It ships with a vulnerable version of bootmgfw.efi and bootload.efi (the shim it uses to execute its own custom code) and uses them both. In short this exploit will continue to work until the keys for both are added to the revocation list, which won't happen for the reasons you stated.

        This attack vector was incredibly clever, real props to the hackers here. They are exploiting a vulnerability that was patched well over a year ago knowing that MS would screw itself if they blacklisted the vulnerable binaries.

    • To be fair, the summary is god awful. Instead of telling us what the actual problem is, it wastes 2-3 paragraphs telling people on a tech news site what their firmware does during startup....

      For those wondering, the reason this attack is viable in the first place is because Microsoft dropped the ball on updating their revocation list against CVE-2022-21894.
  • oh, how many escalation privilege 'bugs' have historically existed in Windows...

    LOTS.

  • by RUs1729 ( 10049396 ) on Monday March 06, 2023 @03:35PM (#63348053)
    Namely, to enable vendors (MS, in this case) to lock you in more thoroughly. Increased security is just the good reason - as is well known, everybody (and every company) usually has two reasons for doing something: a good reason, and the real reason.
    • Yep that's its true purpose. Just like the seatbelt's true purpose is to get people to actively engage in a bit of BDSM self-bondage. That's the real reason.

      • Today's UEFI is nothing like the crap I had to put up with in the early days. Any mobo or prebuilt pretty much ships with secureboot off unless you request it on, you can load signing keys, you can usually even drop back to BIOS emulation if you so desire. But there are a bunch of Dells and Lenovos in the back room (some Acer nettops too) that are UEFI only, secureboot is locked on and there is no option to provide your own signing keys. The options are there but they don't work. They can still boot windows
  • by gweihir ( 88907 ) on Monday March 06, 2023 @03:49PM (#63348091)

    It does serve a security function, but but not one that is for the user. In fact, Digital Restriction Management is specifically targeted at restricting what the user can do. It is no surprise that malware can now bypass this in a way that cannot be stopped. It was never designed to stop malware in the first place.

  • First of all, EFI (now UEFI) was invented by Intel in 1999, not Microsoft. In fact, the first manufacturer to use it was Apple when they switched from PowerPC to Intel. The bug is in Microsoft's boot code, it's not an issue with UEFI. Based on the article, the exploit can be removed by simply wiping the ESP. It's not in SPI memory or anything like that.

    Of course if the code that installed the exploit is executed again (with admin privs) you have the same problem - but that's the same as many other explo

    • Re:The article is BS (Score:5, Informative)

      by thegarbz ( 1787294 ) on Monday March 06, 2023 @05:32PM (#63348503)

      the exploit can be removed by simply wiping the ESP

      Nope it's far more complicated than that. Only the initial exploit itself saves itself to ESP. To actually undo everything you need to:
      a) wipe ESP.
      b) reinstate the correct one since you want a bootable system (which is ironically easy since the malware backs it up for easy uninstallation).
      c) remove their entry from the MokList.
      d) remove their kernel level driver from windows.
      e) fix everything that the malware broke (Fix Defender, fix bit-locker, reenabling HVCI and VBS)
      f) do all of the above without triggering a reboot since the kernel level driver in windows will reinstall the malware on boot.

      Now that in itself would be easy enough and doable with an appropriate tool except that part of the payload's kernel level driver actively opens handles to all important ESP files so even with system level privileges you can't actually delete them or overwrite them once the windows kernel has loaded, and forcefully closing the handles or otherwise nuking the files triggers a BSOD with (INVALID_KERNEL_HANDLE)

      The article is a very simplified view. This is an incredibly advanced piece of malware.

      • Dumb question maybe, but can you disable Secure Boot and then boot up to a thumb drive, ostensibly with tools to do the above? This would at least give access to the ESP files.

        Obviously not an ideal solution, but perhaps the easiest in light of the fact that booting up the infected Windows will prevent proper disinfection?

        • Yes you can. The ESP is the easy part, I think the hardest part would be uninstalling the driver from windows. But as with all malware I'm sure an automated removal tool would will hit the market soon enough if not already.

  • by tiqui ( 1024021 ) on Monday March 06, 2023 @11:24PM (#63349131)

    Like so many "breakthroughs", "reforms", "advancements" (pick yer term) the modern "better way" of doing something is often just some jerk's preferred way, and its often actually inferior.

    The original boot scheme of the PC was completely secure. The boot code was solid, and worked every time. It was in ROMs on the actual IBM machines, and PROMS or EPROMS on clones, all of which could not be overwritten on-the-fly within a running PC. There was no way somebody could insert malware into such a PC and get it to patch the machine's boot code. When PCs came along with EEPROMS, most had physical jumpers that had to be manually set in order to enable writing to the chip containing the boot code - so it WAS possible to corrupt the boot code, but the person with physical control of the machine had to be an active participant.

    Ahhh but Microsoft and friends decided we all needed a "secure" boot system...

    All sorts of crap was added to the basic boot function of a PC, making it more of a pain to install whatever OS the owner of the machine wants, and all under the banner of "more secure". Ha. Perhaps "more secure" in the sense that you're more likely to run Windows or a Microsoft approved flavor of Linux running with Windows (more secure for Microsoft). Like so many other security scams, this is not actually more secure in any absolute sense - the old EPROMs achieved that by virtue of not being in-circuit programmable. It seems some people refuse to learn an old lesson: Adding complexity to add security is often actually likely to add vulnerabilities - vulnerabilities that are probably harder to detect and fix.

    Some network admin is likely to complain that the old boot ROMs were not remotely patchable - but [A] boot code should be properly tested before being deployed and then NEVER be patched, and [B] it's a poor network admin who would willingly make an invulnerable system vulnerable in exchange for convenience.

    • The ROMs on the IBM PC 5150 wouldn't even support a HDD. You had to order new ROMs (or burn patched ones) if you wanted to use one. When total numbers of machines were small and machine prices were very high this was feasible, you could sell customers new ROMs and if they didn't have someone to install them they would reasonably pay the fee to have someone else do it. When we got into large numbers of PCs that simply wasn't feasible any more, there weren't enough techs. We literally had to move to flash BIO

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...