Extreme Privilege Escalation on Windows 8/UEFI Systems

Formatting your hard drive and starting all over is an effective – albeit drastic – way to get rid of most types of malware, but here’s one that’s so insidious even that “scorched earth” solution won’t work. We’re talking about BIOS-based malware, malicious code that takes advantage of vulnerabilities in the Open UEFI framework, and persists across platforms even after a complete wipe.

Corey Kallenberg and Xeno Kovah demonstrated this scary attack, which can be carried out remotely, at Defcon 22. Donovan Colbert was there to see it; find out more in his writeup on his blog:

http://donovancolbert.blogspot.com/2014/08/extreme-privilege-escalation-on-windows.html
