Extreme Privilege Escalation on Windows 8/UEFI Systems
It has come to light that state actors install implants in the BIOS. Let no one ever again question whether BIOS malware is practical or present in the wild. However, in practice attackers can install such implants without ever having physical access to the box. Exploits against the BIOS can allow an attacker to inject arbitrary code into the platform firmware. This webcast will describe two such exploits the presenter developed against the latest UEFI firmware.