BIOS rootkit

A BIOS rootkit is programming that exists in a system's memory hardware to enable remote administration. Rootkits may be installed for legitimate purposes, such as digital rights management (DRM) or data or device security but they may also be targets for persistent attacks. 

The BIOS (basic input/output system) is firmware that resides in memory -- rather than on the hard disk drive -- and runs while a computer boots up. Because a BIOS rootkit lives in memory, it persists not only through attempts to reflash (update) the BIOS but also through hard drive erasure or replacement. Originally, the BIOS firmware was not writeable. However, most manufacturers now use an erasable format, such as flash memory. The use of an erasable format makes BIOS updates easier but also leaves the BIOS vulnerable to online attack. A BIOS rootkit attack is an exploit in which legitimate BIOS programming is updated with malicious code.

See also: authentication, virtualization, CloudAV, blue pill rootkit, RAT (remote access Trojan)

This was last updated in February 2011

Continue Reading About BIOS rootkit

Dig Deeper on Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection



Find more PRO+ content and other member only offers, here.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:


File Extensions and File Formats

Powered by:


  • Dissecting the Hack

    In this excerpt from chapter three of Dissecting the Hack: The V3RB0TEN Network, authors Jayson E. Street, Kristin Sims and Brian...

  • Digital Identity Management

    In this excerpt of Digital Identity Management, authors Maryline Laurent and Samia Bousefrane discuss principles of biometrics ...

  • Becoming a Global Chief Security Executive Officer

    In this excerpt of Becoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders, ...