Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Flawed BIOS Implementations Lead to Intel Boot Guard Bypass

Poor firmware implementation can lead to the bypass of advanced technologies created to protect Unified Extensible Firmware Interface (UEFI) BIOS, such as Intel Boot Guard, from illegal modifications, security researchers have discovered.

Poor firmware implementation can lead to the bypass of advanced technologies created to protect Unified Extensible Firmware Interface (UEFI) BIOS, such as Intel Boot Guard, from illegal modifications, security researchers have discovered.

Initially launched in 2013, Intel Boot Guard is a hardware-assisted BIOS integrity verification mechanism that creates a trusted boot chain so that the integrity of boot components is cryptographically verified. The boot chain uses an RSA public key (its hash is hard-coded inside the CPU) and an OEM private key.

The OEM sets the final configuration and writes it to one-time-programmable Intel chipset fuses during the manufacturing process, thus making it almost impossible for an attacker to modify the BIOS without knowing the private part of the OEM Root Key.

However, because some OEMs might fail to properly configure Intel Boot Guard, attackers could end up injecting code and permanently modifying BIOS.

Earlier this year at Black Hat 2017, security researcher Alex Matrosov presented some vulnerabilities in poor BIOS implementations, explaining that not all vendors enable the protections offered by modern hardware. Because of that, attackers could elevate privileges, bypass protections, and install rootkits, he explained.

Alexander Ermolov, a scurity researcher at Embedi, now says that one such faulty implementation impacts a series of firmware releases based on AMI Aptio UEFI BIOS. The product is highly popular among many OEMs, including Gigabyte, MSI, Asus, Acer, Dell, HP, ASRock, which suggests that vulnerable code might be present in a huge number of motherboards.

Ermolov explains that, during the verification stage, a BootGuardPei routine checks for compatibility with Intel Boot Guard, after which a Hand-Off Block (HOB) binary containing the result of verification is created. Thus, if the verification is not successful, the zero value is written to the HOB.

Advertisement. Scroll to continue reading.

While this should result in an enforcement policy being applied, further execution of BIOS is allowed, resulting in modified Driver Execution Environment (DXE) code being run. This is possible because of another Boot Guard-related module that analyzes the results written to HOB and shuts down the system if DXE code didn’t pass the integrity check.

If it doesn’t find the verification results, the routine returns an error. As a result, attacks that allow for the deletion of the HOB can result in bypassing the DXE code integrity check. Furthermore, if the module responsible for this step is deleted, there will be no code responsible for analyzing the integrity verification results.

The researcher says they notified AMI to inform them on the findings and were told that the issue had been already addressed and that OEMs were alerted on the matter. The latest AMI BIOS codebase available to customers (OEMs) is no longer vulnerable.

However, after verifying the implementation of the fix in the previously analyzed motherboard (a Gigabyte GA-H170-D3H model), Ermolov discovered that things went from bad to worse. If BootGuardPei doesn’t perform a successful verification, it now writes a positive value to HOB, thus effectively bypassing the Boot Guard protection for DXE integrity check.

Related: Mac Firmware Updates Are Failing and Leaving Systems Vulnerable: Report

Related: Firmware Zero-Day Allows Hackers to Disable Security Features

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.