YoVDO

Baring the System - New Vulnerabilities in SMM of Coreboot and UEFI Based Systems

Offered By: Recon Conference via YouTube

Tags

REcon Conference Courses Vulnerability Analysis Courses coreboot Courses Firmware Security Courses UEFI Courses

Course Description

Overview

Explore new vulnerabilities in System Management Mode (SMM) affecting Coreboot and UEFI-based systems in this conference talk from Recon 2017 Brussels. Delve into an entirely new class of vulnerabilities in SMI handlers, caused by incorrect trust assumptions between firmware and hardware. Learn about the impact of these issues on various system firmware types and discover potential mitigation techniques. Gain insights into the researchers' previous findings on UEFI-based firmware vulnerabilities and their consequences, including attacks on hypervisors and bypassing Windows 10 security protections. Understand the changes implemented in OS-SMM communication and the introduction of Windows SMM Security Mitigations ACPI Table (WSMT). Get introduced to a new module for the open-source CHIPSEC framework, designed to automatically detect these vulnerabilities on running systems. Benefit from the expertise of Yuriy Bulygin, lead of the Advanced Threat Research team at Intel Security, and Oleksandr Bazhaniuk, a security researcher specializing in low-level hardware and BIOS/UEFI security.

Syllabus

recon 2017 Brussels-Baring the system:New vulnerabilities in SMM of Coreboot and UEFI based systems


Taught by

Recon Conference

Related Courses

I Boot when U-Boot
nullcon via YouTube
The Internet of Insecure Things - 10 Most Wanted List
YouTube
Attacking IOBluetoothFamily HCI and Vendor-Specific Commands
Black Hat via YouTube
Breaking Through Another Side - Bypassing Firmware Security Boundaries from Embedded Controller
Black Hat via YouTube
Securing Your In-Ear Fitness Coach - Challenges in Hardening Next Generation Wearables
Black Hat via YouTube