BIOS Protection Guidelines - Recommendations of the National Institute of Standards and Technology

One of the most difficult threats to prevent is a user-initiated installation of a malicious system BIOS. User-initiated BIOS update utilities are often the primary method for updating the system BIOS. The guidelines included in this document will not prevent users from installing unapproved BIOS images if they have physical access to the computer system. As with supply chain threats, security processes may be able to detect and remediate the unapproved system BIOS, such as by initiating a recovery process to restore an approved BIOS.

Malware could leverage weak BIOS security controls or exploit vulnerabilities in the system BIOS itself to reflash or modify the system BIOS. General-purpose malicious software is unlikely to include this functionality, but a targeted attack on an organization could be directed towards the organization’s standard system BIOS. The malicious BIOS can be delivered to the system either over a network or using media. The guidelines presented in this document are designed to prevent these kinds of attacks.

Network-based system management tools could also be used to launch an organization-wide attack on system BIOSs. For example, consider an organization-maintained update server for the organization’s deployed system BIOS; a compromised server could push a malicious system BIOS to computer systems across the organization. This is a high-impact attack, but it requires either an insider or a compromise of the organization’s update process. The guidelines presented in this document are designed to prevent this kind of attack.

Any of the preceding mechanisms could be used to roll back to an authentic but vulnerable system BIOS. This is a particularly insidious attack, since the “bad” BIOS is authentic (i.e., shipped by the manufacturer). The security controls specified in the following section are primarily focused on verifying the source and integrity of the system BIOS. This document includes recommended controls for rollback protection.

The controls described in the following section are primarily focused on preventing unauthorized modification of the system BIOS by potentially malicious software running on computer systems. Installation of an unapproved system BIOS in the supply chain, by individuals with physical access, or through rollback to an authenticated but vulnerable system BIOS is not addressed by the controls in Section 3.1, but can be addressed using the processes specified in Section 3.2.
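The rollback discussion above separates an authentic image from an approved one. The Python below is an added illustration (not code from this NIST publication) of an update-acceptance check that enforces both: it verifies a vendor authentication tag over the image and then refuses an authentic image whose version is below the organization's approved minimum or below the installed version. The vendor key, the version field in the image header, and the use of an HMAC in place of the asymmetric signature a real authenticated-update mechanism would use are assumptions made for this example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for the vendor's signing key. A real authenticated
# BIOS update mechanism uses an asymmetric signature; an HMAC is used here
# only so the example runs with the standard library. (assumption)
VENDOR_KEY = b"constructed-vendor-key"


@dataclass(frozen=True)
class BiosImage:
    version: int     # hypothetical monotonic version field from the image header
    payload: bytes   # firmware body
    tag: bytes       # authentication tag over version || payload


def _message(version: int, payload: bytes) -> bytes:
    # Binding the version into the authenticated data stops an attacker from
    # relabelling an old authentic image with a newer version number.
    return version.to_bytes(4, "big") + payload


def sign_image(version: int, payload: bytes) -> BiosImage:
    """Vendor side: produce an image carrying a valid tag (constructed)."""
    tag = hmac.new(VENDOR_KEY, _message(version, payload), hashlib.sha256).digest()
    return BiosImage(version, payload, tag)


def is_authentic(img: BiosImage) -> bool:
    """Source and integrity check: valid vendor tag over the whole image?"""
    expected = hmac.new(VENDOR_KEY, _message(img.version, img.payload), hashlib.sha256).digest()
    return hmac.compare_digest(expected, img.tag)


def evaluate_update(img: BiosImage, installed_version: int, min_approved_version: int) -> str:
    """Return 'accept' or a rejection reason for a proposed BIOS update.

    Authenticity alone is not sufficient: an authentic image whose version is
    below the organization's approved floor, or below what is already
    installed, is a rollback and is refused.
    """
    if not is_authentic(img):
        return "reject: signature/integrity check failed"
    if img.version < min_approved_version:
        return "reject: authentic but below approved minimum version (rollback)"
    if img.version < installed_version:
        return "reject: older than installed version (rollback)"
    return "accept"
```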