Researchers have found a new way to defeat the boot verification process for some Intel-based systems, but the technique can also impact other platforms and can be used to compromise machines in a stealthy and persistent way.
[ Keep up with 8 hot cyber security trends (and 4 going cold). Give your career a boost with top security certifications: Who they're for, what they cost, and which you need. | Sign up for CSO newsletters. ]
Researchers Peter Bosch and Trammell Hudson presented a time-of-check, time-of-use (TOCTOU) attack against the Boot Guard feature of Intel's reference Unified Extensible Firmware Interface (UEFI) implementation at the Hack in the Box conference in Amsterdam this week.
To read this article in full, please click here