Bypassing Hardware-Based Trusted Boot Through x86 Downgrade
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
Inside Intel CPU
Firmware Interface Table (FIT)
Microcode Update binary main header
Microcode Update binary extended header
Microcode Update binary data
Known facts about Microcode
Authenticated Code Modules (ACMs)
Useful links to start digging
Updating Microcode in UEFI BIOS
Microcode Update loading process
Platform Init
Microcode Downgrade
Side channel attacks
Debug capabilities
Downgrading ACMs. Intel BIOS Guard
Downgrading ACMs. Intel TXT
Report and Reaction
Mitigations
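The microcode update binary layout listed in the syllabus (main header, extended signature table, data) is what a downgrade attack has to reproduce correctly, so a parser for it is the natural companion to this outline. The following C program is an added example, not code from the talk, from Hack In The Box or from Intel: it parses the 48-byte main header, verifies the main checksum (dword sum over header plus data must be zero), verifies the optional extended signature table (its own dword sum must be zero and each entry's signature + flags + checksum must equal the header's, so that substituting the entry into the header keeps the main checksum valid), matches the update against a CPUID signature and platform ID, and flags a downgrade against the currently loaded revision. The layout and checks follow the Intel SDM's "Microcode Update Facilities" section and mirror the sanity checks the Linux kernel applies before loading. The sample blob is constructed inside the program and is not a real update; the `loaded_rev` argument is assumed to be the value read from IA32_BIOS_SIGN_ID[63:32].

```c
/* Added example: parse and sanity-check an Intel microcode update blob (SDM layout). */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MCU_HDR_SIZE     48   /* main header */
#define MCU_EXT_HDR_SIZE 20   /* ext table header: count(4) + checksum(4) + reserved(12) */
#define MCU_EXT_SIG_SIZE 12   /* ext entry: signature(4) + flags(4) + checksum(4) */

typedef struct {
    uint32_t header_version, update_revision, date, processor_signature;
    uint32_t checksum, loader_revision, processor_flags, data_size, total_size;
} mcu_header_t;

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) { p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24; }
/* Sum of the little-endian dwords in [p, p+nbytes), mod 2^32. */
static uint32_t dword_sum(const uint8_t *p, size_t nbytes) {
    uint32_t s = 0;
    for (size_t i = 0; i + 4 <= nbytes; i += 4) s += rd32(p + i);
    return s;
}

/* Parse the main header; 0 on success, negative on a malformed blob.
 * A zero Data Size / Total Size means the legacy defaults 2000 / 2048 bytes. */
int mcu_parse_header(const uint8_t *buf, size_t len, mcu_header_t *h) {
    if (len < MCU_HDR_SIZE) return -1;
    h->header_version = rd32(buf);       h->update_revision = rd32(buf + 4);
    h->date = rd32(buf + 8);             h->processor_signature = rd32(buf + 12);
    h->checksum = rd32(buf + 16);        h->loader_revision = rd32(buf + 20);
    h->processor_flags = rd32(buf + 24); h->data_size = rd32(buf + 28);
    h->total_size = rd32(buf + 32);
    if (h->data_size == 0) h->data_size = 2000;
    if (h->total_size == 0) h->total_size = 2048;
    if (h->header_version != 1 || h->loader_revision != 1) return -2;
    if (h->total_size % 4 || h->total_size > len) return -3;
    if (h->data_size % 4 || MCU_HDR_SIZE + h->data_size > h->total_size) return -4;
    size_t ext = h->total_size - MCU_HDR_SIZE - h->data_size;
    if (ext && (ext < MCU_EXT_HDR_SIZE || (ext - MCU_EXT_HDR_SIZE) % MCU_EXT_SIG_SIZE)) return -5;
    return 0;
}

/* Main checksum covers header + data only (the ext table has its own). */
int mcu_checksum_ok(const uint8_t *buf, const mcu_header_t *h) {
    return dword_sum(buf, MCU_HDR_SIZE + h->data_size) == 0;
}

/* Extended signature table: dword sum zero, entry count consistent with its size,
 * and sig + flags + checksum of every entry equal to the main header's triple. */
int mcu_ext_table_ok(const uint8_t *buf, const mcu_header_t *h) {
    size_t off = MCU_HDR_SIZE + h->data_size, ext = h->total_size - off;
    if (ext == 0) return 1;
    if (dword_sum(buf + off, ext) != 0) return 0;
    uint32_t n = rd32(buf + off);
    if (MCU_EXT_HDR_SIZE + (size_t)n * MCU_EXT_SIG_SIZE != ext) return 0;
    uint32_t hdr = h->processor_signature + h->processor_flags + h->checksum;
    for (uint32_t i = 0; i < n; i++) {
        const uint8_t *e = buf + off + MCU_EXT_HDR_SIZE + i * MCU_EXT_SIG_SIZE;
        if (rd32(e) + rd32(e + 4) + rd32(e + 8) != hdr) return 0;
    }
    return 1;
}

/* Does the update apply to a CPU with this CPUID signature and platform ID
 * (IA32_PLATFORM_ID[52:50])? Flag bit (1 << platform_id) must be set. */
int mcu_matches(const uint8_t *buf, const mcu_header_t *h, uint32_t cpu_sig, unsigned platform_id) {
    uint32_t pf = 1u << (platform_id & 7);
    if (h->processor_signature == cpu_sig && (h->processor_flags & pf)) return 1;
    size_t off = MCU_HDR_SIZE + h->data_size;
    if (off >= h->total_size) return 0;
    for (uint32_t i = 0, n = rd32(buf + off); i < n; i++) {
        const uint8_t *e = buf + off + MCU_EXT_HDR_SIZE + i * MCU_EXT_SIG_SIZE;
        if (rd32(e) == cpu_sig && (rd32(e + 4) & pf)) return 1;
    }
    return 0;
}

/* Downgrade check against the loaded revision (assumed from IA32_BIOS_SIGN_ID[63:32]);
 * the SDM defines the revision as a signed 32-bit value. */
int mcu_is_downgrade(uint32_t loaded_rev, uint32_t candidate_rev) {
    return (int32_t)candidate_rev < (int32_t)loaded_rev;
}

/* Date field is BCD mmddyyyy, e.g. 0x02282020 -> "2020-02-28". */
void mcu_date_iso(uint32_t d, char out[11]) {
    snprintf(out, 11, "%04x-%02x-%02x", d & 0xFFFF, d >> 24, (d >> 16) & 0xFF);
}

/* Constructed sample (not a real update): 2000-byte data area plus one extended
 * entry for a sibling stepping; both checksums are fixed up so validation passes. */
size_t mcu_build_sample(uint8_t *buf, size_t len) {
    const size_t data = 2000, ext_off = MCU_HDR_SIZE + data, total = ext_off + MCU_EXT_HDR_SIZE + MCU_EXT_SIG_SIZE;
    if (len < total) return 0;
    memset(buf, 0, total);
    wr32(buf, 1);              wr32(buf + 4, 0x000000C6);  /* header version, revision */
    wr32(buf + 8, 0x02282020); wr32(buf + 12, 0x000906EA); /* BCD date, CPUID signature */
    wr32(buf + 20, 1);         wr32(buf + 24, 0x00000002); /* loader revision, platform id 1 */
    wr32(buf + 28, (uint32_t)data); wr32(buf + 32, (uint32_t)total);
    for (size_t i = 0; i < data; i++) buf[MCU_HDR_SIZE + i] = (uint8_t)(i * 7);
    wr32(buf + 16, 0u - dword_sum(buf, ext_off));                 /* main checksum */
    wr32(buf + ext_off, 1);                                        /* one ext entry */
    uint8_t *e = buf + ext_off + MCU_EXT_HDR_SIZE;
    wr32(e, 0x000906EB); wr32(e + 4, 0x00000001);                  /* sibling stepping, platform id 0 */
    wr32(e + 8, rd32(buf + 12) + rd32(buf + 24) + rd32(buf + 16) - 0x000906EB - 0x00000001);
    wr32(buf + ext_off + 4, 0u - dword_sum(buf + ext_off, total - ext_off)); /* table checksum */
    return total;
}

int main(void) {
    uint8_t blob[4096]; mcu_header_t h; char date[11];
    size_t n = mcu_build_sample(blob, sizeof blob);
    if (mcu_parse_header(blob, n, &h) != 0) return 1;
    mcu_date_iso(h.date, date);
    printf("rev 0x%08x date %s sig 0x%08x flags 0x%02x main_ok=%d ext_ok=%d downgrade_vs_0xCA=%d\n",
           h.update_revision, date, h.processor_signature, h.processor_flags,
           mcu_checksum_ok(blob, &h), mcu_ext_table_ok(blob, &h), mcu_is_downgrade(0xCA, h.update_revision));
    return 0;
}
```

Run it against a real blob by replacing `mcu_build_sample` with a file read; the same checks apply unchanged. Note that a blob can pass every check here and still be a downgrade: nothing in the format ties the revision to the platform's policy, which is exactly the gap the talk's title refers to, so the `mcu_is_downgrade` comparison against the currently loaded revision is the check a firmware-side loader must add itself.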