Question purging rootkit infection from BIOS

wpshooter

#1
Will reflashing the BIOS purge a rootkit infection from BIOS?

Thanks.
 

DAPUNISHER

#2
What makes you so certain that you have one? They are rare and usually aimed at high value targets. I recently read posts from professionals that there has not been any appreciable activity in BIOS-infecting proofs of concept, let alone real infection distribution campaigns.

Not trying to debate you, insult you, or otherwise antagonize you, so don't take umbrage. It is simply that your having one is about the least likely explanation. A software or hardware issue is much more likely than a rare BIOS rootkit.
 

wpshooter

#3
No, don't think I have one, just ran across this subject in conversation and was wondering what the possible effects would/could be, and how to fix it IF it did occur. I found a post elsewhere suggesting that indeed reflashing the BIOS would fix it. Thanks.
 

DAPUNISHER

#4
Given what I have read about them, I would be more prone to trash the chip or even the whole board, to be on the safe side.
 

whm1974

#5
> Given what I have read about them, I would be more prone to trash the chip or even the whole board, to be on the safe side.

Speaking of rootkits, are there any ways and safeguards to prevent rootkits from getting installed in the UEFI?
 

daveybrat

#8
Yes, reflashing the BIOS should remove a BIOS rootkit. Although as others have already chimed in, I've never in my professional career seen a BIOS rootkit and I've been a tech for almost 24 years now.
 

Mr Evil

#9
The BIOS isn't the only firmware on a motherboard, and GPUs and storage devices have firmware too. A sophisticated enough rootkit could infect any or all of them; the only way to be sure is to throw it all away.
 
