BIOS updates from an OS directly?

Moderator: The Mod Squad

BIOS updates from an OS directly?

Postby cccc » Fri Apr 06, 2012 5:29 am

hi

Is not quite dangerous, that we can today do BIOS updates from an OS directly?
Is this not nutrient for some viruses?
cccc
Green Belt
Green Belt
 
Posts: 104
Joined: Mon Jul 02, 2007 3:26 pm

Postby evasive » Fri Apr 06, 2012 5:43 am

If you are getting your update from any other source than the board manufacturer this is a risk. the same holds true for any software not coming from the original source.

As with regular (ie DOS flashing) the same holds true: do this on a system that is as clean as possible so very early in the install process. Personally, I know things have gotten better, the high casualty rate on online bios updates is because most people will do one on an already unstable system hoping it will fix the errors/slowness they caused in the first place by installing loads of software...

Am I sounding bitter?
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 36900
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby cccc » Fri Apr 06, 2012 7:33 am

evasive wrote:If you are getting your update from any other source than the board manufacturer this is a risk. the same holds true for any software not coming from the original source.

As with regular (ie DOS flashing) the same holds true: do this on a system that is as clean as possible so very early in the install process. Personally, I know things have gotten better, the high casualty rate on online bios updates is because most people will do one on an already unstable system hoping it will fix the errors/slowness they caused in the first place by installing loads of software...

Am I sounding bitter?


No, I mean if the virus can find out bios model/version by itself and change/overwrite/destroy it, without the user knows about.
cccc
Green Belt
Green Belt
 
Posts: 104
Joined: Mon Jul 02, 2007 3:26 pm

Postby Karlsweldt » Fri Apr 06, 2012 8:57 am

I do not consider the process of flashing or updating a BIOS file when the OS is active a 100% secure route. Too many processes are active during this critical step, and a good chance something can go awry. And you cannot just update or renew the BIOS files and continue operating! The system must be shut down and reset, then restarted, for the 'new' BIOS program to be effective. The only surest, safest means of a BIOS update or change is via a floppy disk or a USB flash stick while the BIOS is in its own entity.
Yes, many newer BIOS versions have a "backup" memory in case the program becomes corrupt during the update process. Saving grace for not getting a useless mobo after a bad flash!
F@H.. to solve mankind's maladies.. in our lifetimes!
Karlsweldt
Mobo-fu Master
Mobo-fu Master
 
Posts: 19408
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Postby evasive » Sun Apr 08, 2012 1:42 am

cccc wrote:
No, I mean if the virus can find out bios model/version by itself and change/overwrite/destroy it, without the user knows about.


Interesting point of view. However, by building something like that you are targeting a very small audience for each variant, it's complicated, big (you need to have bios images for each model) and not very practical. These days viruses are written for profit mainly.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 36900
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands


Return to BIOS

Who is online

Users browsing this forum: Yahoo [Bot] and 0 guests