Uncategorized

Intel’s Black Hat UEFI presentation online

Vincent has a new blog post about the recent talk about UEFI security that Intel just gave at Black Hat Briefings.

http://vzimmer.blogspot.com/2017/08/black-hat-usa-2017-firmware-is-new-black.html

https://www.blackhat.com/us-17/briefings.html#firmware-is-the-new-black-analyzing-past-three-years-of-bios-uefi-security-vulnerabilities

https://github.com/rrbranco/BlackHat2017

https://github.com/rrbranco/BlackHat2017/blob/master/BlackHat2017-BlackBIOS-v0.13-Published.pdf

https://www.darkreading.com/vulnerabilities—threats/7-hardware-and-firmware-hacks-highlighted-at-black-hat-2017/d/d-id/1329442

Standard
Uncategorized

Alex at Black Hat: Where the Guardians of the BIOS Are Failing

Black Hat Vegas: Where the Guardians of the BIOS Are Failing
By Alex Matrosov
In our upcoming Black Hat Vegas talk, we will summarize our research about the UEFI firmware protections and our newly-discovered security problems. This talk raises awareness of these security challenges for hardware vendors, BIOS-level security researchers and defenders, and sophisticated stakeholders who want to know the current state of UEFI exposure and threats. The situation is serious but, with the right tools and knowledge, we can prevail.[…]

https://www.blackhat.com/us-17/briefings.html#betraying-the-bios-where-the-guardians-of-the-bios-are-failing

https://www.cylance.com/en_us/blog/black-hat-vegas-where-the-guardians-of-the-bios-are-failing.html

Standard
Uncategorized

Adaptiva Secure 10: BIOS to UEFI

New registration-required freeware from Adaptiva:

Adaptiva’s free Secure 10 is a complete automation solution for ConfigMgr admins to make the BIOS to UEFI conversion process simple and unattended. With Secure 10, migrations take much less time and no IT staff need to be on-site during the process. Now including support for new MBR2GPT.exe tool for retaining data while making the switch, as well as ConfigMgr 1610+ WinPE boot image pre-staging. Also new: two complete task sequences to save time integrating into your deployments! […] The open solution includes detailed documentation to help SCCM system administrators overcome the complexities of automating the conversion from:

* BIOS to UEFI – Secure 10 automates the conversion process from the legacy BIOS firmware typically used in Windows 7/8 systems to the more powerful Unified Extensible Firmware Interface (UEFI) technology. UEFI is required to enable key enterprise security features available in Windows 10.

* MBR to GPT – Secure 10 now includes support for the MBR2GPT.exe tool, which helps convert the disk layout on a PC from the legacy Master Boot Record (MBR) to GUID Partition Table (GPT). The new tool is the only Microsoft-supported tool to convert a production disk from MBR to GPT without data loss, greatly speeding in-place upgrades to Windows 10.

* WinPE Pre-staging – Microsoft recently introduced the capability to pre-stage a WinPE boot image to a partition from within an SCCM Task Sequence and have that image persist during the conversion from MBR to GPT. Secure 10 supports this capability for refresh/replace scenarios.

https://www.adaptiva.com/blog/2017/adaptiva-releases-bios-uefi-solution-update-speed-windows-10-migrations/

Standard
Uncategorized

Toshiba adds security features to firmware

Toshiba has added firmware-level security to their Mobile Zero Client:

[…]How Toshiba Mobile Zero Client works
* Power on: User powers on the device, which connects to pre-configured LAN or Wi-Fi
* Boot permission: Device requests boot permission from Toshiba Boot Control Service*
* Big Core download: When boot permission is granted, your unique, secure, Big Core package is encrypted, downloaded and unpacked in the RAM
* Ready to go: Your Big Core, with Linux and the VDI client, is executed – establishing its connection to your VDI server

[…]Beyond supporting the storage of data securely away from the device, TMZC can provide added protection through Toshiba’s uniquely developed BIOS, which is designed and built in–house to help remove the risk of third-party interference.[…] We’re one of the only manufacturers that creates our own BIOS and UEFI’s.[…]

http://us.toshiba.com/solutions/tmzc

http://www.businesswire.com/news/home/20170613005346/en/Toshiba-Expands-Portfolio-Security-Solutions-Addition-Mobile

Standard