nabeelmansoor 22 Posted July 18, 2022 Posted July 18, 2022 Hi, Does ESET protect against malware that alter or destroy the bios/chipset ? Thanks
itman 1,922 Posted July 18, 2022 Posted July 18, 2022 (edited) Kaspersky has a great detailed technical analysis on this issue here: https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/ . You prevent this stuff as noted at the end of the article: Quote Following previous predictions, we can now say that UEFI threats are gradually becoming a norm. With this in mind, vendors are taking more precautions to mitigate attacks like MoonBounce, for example by enabling Secure Boot by default. We assess that, in this ongoing arms race, attacks against UEFI will continue to proliferate, with attackers evolving and finding ways to exploit and bypass current security measures. As a safety measure against this attack and similar ones, it is recommended to update the UEFI firmware regularly and verify that BootGuard, where applicable, is enabled. Likewise, enabling Trust Platform Modules, in case a corresponding hardware is supported on the machine, is also advisable. On top of all, a security product that has visibility into the firmware images should add an extra layer of security, alerting the user on a potential compromise if such occurs. Eset scans the UEFI for known malware traces. It will inform you that such malware exists. It cannot remove the malware. That can only be done using the appropriate hardware method such as re-flashing the BIOS/UEFI. Edited July 18, 2022 by itman
Recommended Posts