By Minh Tran | May 14, 2019
A FortiGuard Labs How-To Guide for Cybersecurity Threat Researchers
Unified Extensible Firmware Interface (UEFI) is a specification that defines an interface between platform firmware and an OS. In a nutshell, UEFI replaces the BIOS found in previous systems. Since UEFI is required for Secure Boot (ever since the Windows 8 operating system was released in 2012), virtually all modern PCs come with UEFI firmware. Naturally, with the growing popularity of UEFI systems, and the fact that UEFI firmware has even higher privilege than the OS/hypervisor, adversaries are starting to focus on exploiting this new attack surface. This is evidenced by the UEFI rootkit from the Sednit group that was found recently. Consequently, there is a pressing need for security researchers to be able to handle this novel threat. In this blog post, we will show you how.