Saturday, July 27, 2013

A Secure Boot Resistant Strain of Bootkits

It was born into a world where species like it are discriminated against and oppressed, a world where Secure Boot decides which species get to boot and which do not. It had to evolve to have a chance to boot, and so it did. And here we are, introducing a new strain of UEFI bootkits: a Secure Boot resistant strain that can thrive in this hostile environment.

The screenshot below shows a UEFI bootkit running on a system with, and despite, Windows 8 Secure Boot enabled.

On a serious note, in an effort to continuously improve the security of the platform firmware and hardware, we've analyzed how Secure Boot is implemented on some of the Windows 8 platforms. As a result, we are coordinating the disclosure of our research findings with affected BIOS and platform vendors and working toward mitigating them.

Some of these findings will be presented at Black Hat USA 2013 next week. We'll also demonstrate two attacks against Windows 8 Secure Boot exploiting these findings on affected systems.

We hope you can join us! If not, our presentation and demos will be posted on c7zero.info.

RIP Barnaby Jack..