BIOS rootkit

A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration. Because the rootkit lives in the computer’s BIOS (basic input/output system), it persists not only through attempts to reflash the BIOS but also through hard drive erasure or replacement.

A BIOS rootkit is programming that exists in a system's memory hardware to enable remote administration. Rootkits may be installed for legitimate purposes, such as digital rights management (DRM) or data or device security but they may also be targets for persistent attacks. 

The BIOS (basic input/output system) is firmware that resides in memory -- rather than on the hard disk drive -- and runs while a computer boots up. Because a BIOS rootkit lives in memory, it persists not only through attempts to reflash (update) the BIOS but also through hard drive erasure or replacement. Originally, the BIOS firmware was not writeable. However, most manufacturers now use an erasable format, such as flash memory. The use of an erasable format makes BIOS updates easier but also leaves the BIOS vulnerable to online attack. A BIOS rootkit attack is an exploit in which legitimate BIOS programming is updated with malicious code.

See also: authentication, virtualization, CloudAV, blue pill rootkit, RAT (remote access Trojan)

This was first published in February 2011

Continue Reading About BIOS rootkit

Glossary

'BIOS rootkit ' is part of the:

View All Definitions

Dig deeper on Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly

Close