Home / Series / Chaos Communication Congress / Aired Order / Season 31 / Episode 66

Attacks on UEFI security, inspired by Darth Venamis's misery and Speed Racer (#6129)

Speakers: Rafal Wojtczuk, Corey Kallenberg On modern Intel based computers there exists two powerful and protected code regions: the UEFI firmware and System Management Mode (SMM). UEFI is the replacement for conventional BIOS and has the responsibility of initializing the platform. SMM is a powerful mode of execution on Intel CPUs that is even more privileged than a hypervisor. Because of their powerful positions, SMM and UEFI are protected by a variety of hardware mechanisms. In this talk, Rafal Wojtczuk and Corey Kallenberg team up to disclose several prevalent vulnerabilities that result in SMM runtime breakin as well as arbitrary reflash of the UEFI firmware.

English
  • Originally Aired December 28, 2014
  • Runtime 60 minutes
  • Created December 30, 2014 by
    Administrator admin
  • Modified December 30, 2014 by
    Administrator admin