A new form of attack that installs a rootkit directly onto a computer's Bios
system would render anti-virus software useless, researchers have warned.
Alfredo Ortego and Anibal Sacco of Core Security Technologies explained that
the attack is possible against almost all types of common Bios systems in use
today.
The researchers devised a 100-line Python script that could be flashed onto
the Bios to install a rootkit. Because the Bios software activates before any
other program on a computer when it starts up, normal anti-virus software would
be unable to detect it.
"We tested the system on the most common types of Bios," said Ortega. "There
is the possibility that newer types of Extensible Firmware Interface Bios may be
resistant to the attack, but more testing is needed."