The National Institute of Standards and Technology has released a proposed set of guidelines designed to improve the security of BIOS firmware, one of the fundamental elements of computing. According to NIST, the unauthorized modification of the BIOS firmware — or Basic Input/Output System, the firmware that controls the most basic functions of a computer — is particularly troublesome “because of the BIOS’s unique and privileged position within the PC architecture.” The new security document covers servers, providing platform vendors with a set of guidelines to try to ensure a secure BIOS update process. The institute describes the BIOS as an “obscure and fundamental” element that has become a target for hackers. “Malicious BIOS modification could be part of a sophisticated, targeted attack on an organization,” says NIST, “either a permanent denial of service or a persistent malware presence.” NIST is seeking comments on its proposed guidelines by September 14th.
US government sets new guidelines on how to secure low-level PC functions
A new set of standards from the National Institute of Standards and Technology should help create a more secure BIOS update process for server vendors.
A new set of standards from the National Institute of Standards and Technology should help create a more secure BIOS update process for server vendors.
is an entertainment editor covering streaming, virtual worlds, and every single Pokémon video game. Andrew joined The Verge in 2012, writing over 4,000 stories.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
