Wake-from-sleep vulnerability leaves UEFIs open to attack

Most modern motherboards support firmware write protection to prevent unwanted BIOS flashes, but a vulnerability in many UEFI firmware implementations could accidentally disable such protection. A new warning posted by Carnegie Mellon University's CERT says that when many x86-based systems wake from sleep, they fail to enable that write protection .

The security hole opens when an affected system goes to sleep and then wakes up. Many Intel-based x86 systems use a specific flag stored in a BIOS register that controls write protection. When the bit is turned on, the BIOS is write-protected-but that bit is turned off by default. Every time a PC resets, this register is also reset to the ...

Read more...