tags:UEFImitigationsecure_boot
original link: UEFI is the new BIOS newsletter link: exploits.club Weekly Newsletter 41 - Exploit Dev Lifecycle, Binder Internals, UEFI Deep-Dive, and More


Exploits Club Summary:

@LeviathanSec released their first in an 8 part series detailing UEFI RE, VR, and exploit development. This introductory post starts with a brief history of the technology and the move from Legacy BIOS. It then takes a detailed look at the UEFI boot process, discussing the first 4 phases (SEC, PEI, DXE and BDS) and providing all the requisite knowledge to understand the flow. It concludes with a quick look at Secure Boot and some additional protections such as Boot Guard and BIOS Guard, and then some context around the UEFI shell. We are looking forward to the next installments in the series!n