Aren’t microcode firmware updates loaded by the OS on boot? So they’re not actually persistent since it doesn’t modify any kind of flash memory in the CPU. You can just replace a malicious firmware on disk with an official one.
Am I misunderstanding how microcode firmware works?
I can’t speak for the details, but I know for sure you can load malicious firmware that cannot be cleared by the OS.
https://www.crowdstrike.com/en-us/cybersecurity-101/malware/bootkits/
From my understanding bootkits are just one example.
Someone please correct me if I am wrong.
This article is about UEFI rootkits, not malicious CPU microcode firmware.