Vulnerability Development mailing list archives
Re: Modern hw-killing virus feasible
From: Robert Sandilands <robert.sandilands () SECUREWORX COM>
Date: Wed, 7 Mar 2001 20:08:52 +0200
CIH overwrote the start of the BIOS with nonsense which made the machine unusable. Some motherboard manufacturers provided no path to recover these BIOS's. Effectively the machine was "broken". Some harddisk manufacturers allow you to upgrade the BIOS on the disk itself. That can have potentially interesting side effects. Most modern monitors will protect itself from weird things you send to it, so that shouldn't be a problem. Some video cards can have their BIOS's software upgraded but that should not be able to affect the display device. One processor have a way of doing software upgrades to it's "micro-code". That may also have interesting effects depending on your ability to recover from this as with the motherboards mentioned. It is unlikely that any of these will do physical damage to the machine but may turn it into a big doorstop anyway because there may be no way to recover from the virus effect. Robert Sandilands -----Original Message----- From: Ma Gores [mailto:gores () INAME COM] Sent: 07 March 2001 06:57 To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Modern hw-killing virus feasible Quoting from someone, somewhere, else... "cih erased the software stored on the chip... it should be obvious from that that it is software damage, not hardware damage...
But its damage is just as bad"
Semantics, maybe. ------- Magores At 07:57 PM 3/6/2001 +0100, you wrote:
Hi, Doesn't seem anything really new. The CIH Virus http://vil.mcafee.com/dispVirus.asp?virus_k=10300& ) written in 1998
did
something like what you are describing. On a set date it tried to flash
the
bios with garbage, making the infected pc unable to boot. Alot of hardware can probably be killed this way, as a lot of hardware
these
days have flashable eeprom's. The only problem is is that they have
various
ways of flashing the eeprom, thus making it (virtually) impossible for
a
virus to have a generic (flash-)payload for a lot of hardware. Kind Regards, Bart
Current thread:
- Re: Modern hw-killing virus feasible, (continued)
- Re: Modern hw-killing virus feasible Nick (Mar 07)
- Re: Modern hw-killing virus feasible Ben Ford (Mar 07)
- Re: Modern hw-killing virus feasible Titanas (Mar 08)
- Re: Modern hw-killing virus feasible Lucien Fransman (Mar 08)
- Re: Modern hw-killing virus feasible Ian Kayne (Mar 07)
- SV: Modern hw-killing virus feasible Christian Wettergren (privat) (Mar 08)
- Re: SV: Modern hw-killing virus feasible Lynn Crumbling (Mar 09)
- Re: SV: Modern hw-killing virus feasible Bruno Lustosa (Mar 09)
- SV: Modern hw-killing virus feasible Christian Wettergren (privat) (Mar 08)
- Re: Modern hw-killing virus feasible Ashworth, Robert C. [Contractor] (Mar 07)
- Re: Modern hw-killing virus feasible Michael Wojcik (Mar 07)
- Re: Modern hw-killing virus feasible Robert Sandilands (Mar 07)
- Re: Modern hw-killing virus feasible Peter Tonoli (Mar 08)
- Re: Modern hw-killing virus feasible Syzop (Mar 08)
- Re: Modern hw-killing virus feasible Ian Kayne (Mar 08)
- Re: Modern hw-killing virus feasible Matt Bell (Mar 08)
- FW: Modern hw-killing virus feasible Russell Munday (Mar 08)
- Re: Modern hw-killing virus feasible Jason Brvenik (Mar 08)
- Fw: Modern hw-killing virus feasible Cilice Cracker (Mar 09)
- Fw: Modern hw-killing virus feasible Cilice Cracker (Mar 09)