New rootkits are headed for BIOS!
According to this Security Focus Article, insider attacks and industrial espionage could soon become more stealthy by hiding malicious code in the core system functions available in a motherboard's BIOS. Unfortunately, we may be seeing those kind of attacks appearing in the IT world in a month or two. The thing that is frightening about these rootkits is that they are platform independent since they don't need an OS to run.
"A collection of functions for power management, known as the Advanced Configuration and Power Interface (ACPI), has its own high-level interpreted language that could be used to code a rootkit and store key attack functions in the Basic Input/Output System (BIOS) in flash memory, according to John Heasman, principal security consultant for U.K.-based Next-Generation Security Software."
Read more on Security Focus
Technorati tags: security , rootkits , microsoft , linux , Geeks , hacking