Uncategorized

Absolute seeks OEM Business Development Director

It is an exciting time for the Absolute and Microsoft partnership!  Absolute’s placement in Windows device firmware provides a truly unique position within the Microsoft partner ecosystem. We continue to strengthen this relationship by opening new doors of engagement through our recent product integration announcements. To further support the relationship, we are looking for a tenured Business Development Director[…]

http://jobs.jobvite.com/absolute/job/oarf5fwF

Standard
Uncategorized

Windows Internals new edition out

http://www.alex-ionescu.com/?p=335

https://blogs.msdn.microsoft.com/microsoft_press/2017/05/09/new-book-windows-internals-seventh-edition-part-1/

https://www.microsoftpressstore.com/store/windows-internals-part-1-system-architecture-processes-9780735684188

 

 

 

 

 

 

 

Wow, this book has gone a long way from “Inside Windows NT” by Helen Custer, the original author:

http://dl.acm.org/citation.cfm?id=138407

https://archive.org/details/insidewindowsnt00solo

Standard
Uncategorized

Microsoft Windows 10 UEFI training video

Micosoft has a training video for network administrators that includes some UEFI security topics:

https://mva.microsoft.com/en-US/training-courses/windows-10-security-in-real-life-17127?l=Xz1vNy5XD_104300474

Standard
Uncategorized

AMI adds RNDIS Network Driver Support in Aptio V

American Megatrends Inc. (AMI), a global leader in BIOS and UEFI firmware, server and remote management tools, data storage products and unique solutions based on the Linux® and Android™ operating systems is proud to announce Remote NDIS (RNDIS) network driver support for Aptio V UEFI Firmware. The Remote Network Driver Interface Specification (RNDIS) is a Microsoft® specification that allows for remote communication between a host server and RNDIS network device connected using a USB cable. RNDIS messages are sent via the host server to the RNDIS device and the host server can provide support for multiple networking devices connected to a USB bus. The support for RNDIS devices in Aptio V is convenient for hardware vendors because with the standardized interface of RNDIS, the need to develop drivers to support USB LAN adapters conforming to RNDIS specification is eliminated. OEMs including the RNDIS network driver in the BIOS allow end users to plug and play with RNDIS supported USB LAN adapters. Aptio V RNDIS network driver also allows the BIOS to communicate with the Baseboard Management Controller (BMC) that supports the RNDIS specification, commonly referred to as LAN over USB.[…]

https://ami.com/en/news/press-releases/?PressReleaseID=389

 

 

Standard
Uncategorized

Windows 10 new preboot security features

There’s a few new preboot-related features in recent builds of Microsoft Windows, excerpt of some of them below.

New features in Windows 10, version 1511:
* Credential Guard: Enable Credential Guard without UEFI lock. You can enable Credential Guard by using the registry. This allows you to disable Credential Guard remotely. However, we recommend that Credential Guard is enabled with UEFI lock. You can configure this by using Group Policy.
* Bitlocker: DMA port protection. You can use the DataProtection/AllowDirectMemoryAccess MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.

* Bitlocker: New Group Policy for configuring pre-boot recovery. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the Configure pre-boot recovery message and URL section in “BitLocker Group Policy settings.”
* New BCD events: Event ID 4826 has been added to track the following changes to the Boot Configuration Database (BCD): DEP/NEX settings, Test signing, PCAT SB simulation, Debug, Boot debug, Integrity Services, Disable Winload debugging menu
* New PNP events:  Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
* TPM: Key Storage Providers (KSPs) and srvcrypt support elliptical curve cryptography (ECC).
* TPM: The following sections describe the new and changed functionality in the TPM for Windows 10: Device health attestation, Microsoft Passport support, Device Guard support, Credential Guard support […]

https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1507-and-1511
https://technet.microsoft.com/en-us/windows/release-info

Standard
Uncategorized

Microsoft seeks U-Boot Linux firmware Engineer

Senior Software Engineer, Linux Firmware – CSI / Azure – Cloud Server Infrastructure
The Cloud Server Infrastructure Firmware Development (CSI-FW) team is responsible for server hardware definition, design and development of Server and Rack Infrastructure engineering for Microsoft’s online services. […] This role will be for a highly-motivated Firmware Engineer with a solid background in embedded system design using embedded Linux. […] Required Qualifications:
[…]
* Extensive knowledge of u-boot customization, Linux kernel internals and adding new hardware drivers
[…]

https://careers.microsoft.com/jobdetails.aspx?jid=282596

 

Standard
Uncategorized

Microsoft MDT: moving from BIOS to UEFI

If you have a Windows box and are trying to convert MBR/BIOS installs to GPT/UEFI installs on ‘class 2’ systems, you might want to read this:

https://blogs.technet.microsoft.com/mniehaus/2017/04/14/moving-from-bios-to-uefi-with-mdt-8443/

 

Standard