Explore system firmware vulnerabilities and their impact on cybersecurity in this 44-minute conference talk from 44CON 2017. Discover how adversaries can exploit BIOS weaknesses to bypass operating system protections, Secure Boot, and even virtualization-based security. Learn about the open-source framework developed to automate vulnerability analysis and the findings from examining thousands of UEFI firmware updates across multiple vendors. Gain insights into the process, limitations, and implications of offline firmware analysis, highlighting the critical need for robust BIOS/UEFI protections in modern systems.
Checking BIOS Protections Offline With Just the Firmware Updates
44CON Information Security Conference via YouTube
Overview
Syllabus
Checking BIOS protections offline with just the firmware updates - Yuriy Bulygin at 44CON 2017
Taught by
44CON Information Security Conference
Related Courses
-
Firmware is the New Black - Analyzing Past Three Years of BIOS - UEFI Security Vulnerabilities
-
Securing Bare Metal Hardware at Scale
-
Analyzing UEFI BIOSes from Attacker & Defender Viewpoints
-
Abusing Security Products to Bypass Windows Protections
-
Bypassing Hardware-Based Trusted Boot Through x86 Downgrade
-
Firmware Security - Why It Matters and How You Can Have It
