Web-based Applications: A possible gateway to the BIOS chip

Results released by Core Security Technologies researchers Alfredo Ortega and Anibal Sacco revealed that it is possible to flash malicious code containing a rootkit onto the BIOS chip, making the rootkit almost impossible to remove. Users no longer need to reboot into DOS and type command-line instructions in order to obtain a BIOS update from a diskette. Updates can now be loaded through technologies that run under Windows, such as ActiveX controls or Flash tools that load the updates from storage devices.

ActiveX is a set of object-oriented programming technologies and tools that Microsoft developed for Internet Explorer to facilitate rich media playback. Essentially, Internet Explorer uses ActiveX to load other software applications in the browser. Similarly, Adobe Flash is a multimedia platform currently developed and distributed by Adobe Systems. Flash is used for adding animation and interactivity to web pages. Common uses for it are to create animation, advertisements, and various web page components, to integrate video into web pages and, more recently, to develop rich Internet applications.

Basically, this technology allows you to run web-based applications such as interactive computer games without actually having to download or install anything. All you really need to do is visit the right web page. Such technologies are obviously a great convenience and offer a user more functionality with fewer hassles, but there is a catch.

The catch is that the aforementioned types of tools are also able to locate, read, manipulate, write or erase BIOS chips. This means that a hacker can access and manipulate the BIOS chip not only via DOS but also through web-based applications such as Adobe Flash. A hacker just needs to create a malicious web page and wait for an unsuspecting user to open it and, voilà, he or she is able to locate and manipulate the BIOS chip. As the Core Security Technologies researchers proved, once the BIOS chip has been infected with a sophisticated admin-level rootkit, repairing the damage is no easy task.

Referring to the above point, do the advantages of these web-based applications exceed their disadvantages? Is the ability to have a live chat or play interactive games worth losing your PC? At least, in the meantime, there is one thing standing in the way of opportunistic hackers, and that is write-protection. As I mentioned in my previous article, most of today's BIOSes have write-protect options set up in their program, and a few even come with password protection. So for now we are safe, but the question is, for how long?

By Nono
Source: PC1 NEWS

© 2008 - 2009 pc1news.com - All rights reserved.


