New BIOS guidelines aim to keep malware out of computer's nether regions
The new guidelines are intended to make the Basic Input/Output System more resistant to malware attacks that target the system firmware. Over the past few years, at least two trojans, one called Mebromi and another proof-of-concept demonstration, have been able to survive
"Unauthorized modification of a BIOS firmware by malicious software constitutes a significant threat because of the BIOS's unique and privileged position within the PC architecture," the new set of guidelines, which were published earlier this week by the National Institute of Standards and Technology, stated. "Malicious BIOS modification could be part of a sophisticated, targeted attack on an organization—either a permanent denial of service or a persistent malware presence."
The guidelines, which pertain to BIOSes found in computer servers, detail four proposed features, including authenticated update mechanisms, an optional secure local update mechanism, firmware integrity protections, and a mechanism to prevent system components for bypassing BIOS protections. In April NIST published proposed guidelines for BIOSes found in PCs.
Interested parties have until September 14 to comment on the proposed server guidelines. Comments may be sent by e-mail to 800-147comments@nist.gov.