Nobody expects the BIOS inquisition, so nobody patches them
Millions of flawed BIOSes can be infected using simple two-minute attacks that don’t require technical skills and require only access to a PC to execute.
Basic Input/Output Systems (BIOS) have been the target of much hacking research in recent years since low-level p0wnage can grant attackers the highest privileges, persistence and stealth.
LegbaCore researchers Xeno Kopvah and Corey Kallenberg revealed the threat to El Reg ahead of a presentation How Many Million BIOSes Would You Like to Infect? at CanSecWest tomorrow.