03 March 2007

Firmware rootkits are the latest threat

"John Heasman from Next Generation Security Software demonstrated a rootkit that hides itself in firmware. Completely erase the hard drive, reinstall the OS, and the rootkit is right back where it was before your exercise in futility.

Firmware rootkits aren't an imminent threat, but Heasman's demonstration shows that we can't ignore the firmware in systems anymore. You probably don't even know all the firmware devices on your network. Many PCI cards, and even your system clock, have flashable memory. If you do know which parts of your systems are flashable, do you have a procedure for managing firmware? Probably not."

