Are you wondering if you should be concerned about your UEFI firmware settings for your PC, and just what is the UEFI firmware settings.
Well, a quick answer would be Yes, because with the way things are these days you want to stay up to date on the firmware settings for your own security protection from hackers. And now you’re probably thinking well,
OK but what does this all mean? Good question, so let’s first take a look at what is UEFI Firmware.
What is UEFI Firmware:
Older models of PCs used the traditional Bios (Basic input/output system) to boot your system, but today’s systems use the new format UEFI firmware (Unified Extensible Firmware Interface). This is a low-level software that is used to boot your system when you turn the power on. Its purpose is to test and initializes the hardware in your system with some low-level system configuration. It will then boot your operating system from an internal drive or another boot device.
Now UEFI is a bit more complicated than the normal Bios in that it contains a processor microcode which is similar to the firmware for the CPU in your system. So what happens is that when you boot your system it will load a microcode that will, in essence, translate software instructions to hardware instruction which are performed on your CPU.
If you have an Intel processor in your system it has something called an Intel Management Engine which is like a tiny operating system that runs parallel to your operating system. Now in a Corporate network system, the administrator can use a feature in the Intel Management Engine to remotely manage the PCs on the network.
And like drivers and software that need their security protocols updated so does the UEFI Firmware, but how is this accomplished.
What about Updating the UEFI Firmware:
With all that has been happening in the past years with spyware, malware, and especially ransomware it is becoming more important to keeping drivers and software security updated. And of course, the UEFI firmware should also be updated to prevent things like what we learned about Spectre in 2018.
This was a problem with what is called a “speculative execution” which means programs could bypass the normal security protocols and read some of the secure areas of your ram which could give them more access to your system.
So as you can see it would be nice to have this Firmware updated to protect your PC, but manufacturers have yet to come up with an easy solution of doing this. So we are left we having to go to the manufacturer of the motherboard and finding the patch for it if there is one, and then installing the patch.
This included having to boot from a bootable drive like a USB drive and then flash the Bios chip, and there have been some scary stories of the update failing and rendering their PCs unbootable. So the advice was to avoid this if your system is stable and working properly, but that was before Meltdown and Spectre were around.
Let’s find out if you need the update:
Before we get ahead of ourselves looking for a way to applying these patches let’s first check to see if you are already protected from Meltdown and Spectre with an easy to use utility called InSpectre. Click on the link to open a page in your browser then click on the download button, click to install and run, you will then be provided with a pop-up window showing your results. (pretty easy wasn’t it? ? )
- System is Meltdown protected: Yes or No
- System is Spectre protected: Yes or No
- Microde Update Available: Yes or No (Not available for AMD)
- Performance: Good or Bad
- CPUID # (CPU IDentification number)
If you get all Yes’s your good to go and if not you can try the updates yourself as long as the Microde Update says it’s available, and here is a great site I like to use for information that will guide you through the steps to take to update your UEFI Firmware. (https://www.howtogeek.com/196916/how-to-check-your-bios-version-and-update-it/)
Hopefully, someday soon the manufacturers will get their shit together and come up with an easy solution to keeping security issues like this updated. Till then we can only do what we can to stay safe from attacks. ?
So what are your thought s about this whole UEFI Firmware, Are you concerned about yours or is this just another thing you don’t need to worry about?
As for myself, as long as I have a good score from InSpectre I’m OK, and even if not I’m not sure I’m really worried about the issue due to the fact that I take my security issues to heart and apply all the tools available like Antivirus software, Malwarebytes, and Trackoff.
And to prevent any Ransomeware just follow these guild lines to prevent such a thing happening to you.
- Be extra careful about what you click on especially in emails.
- Don’t open attachments that you aren’t familiar with.
- Don’t visit strange websites!!
- Keep your Antivirus software up-to-date.
- Keep your files backed up on a separate drive or the cloud!!!!
I hope you have found this article to be helpful, and if so would you consider sharing it with your friends and family.
Would love to hear your thoughts or questions about the UEFI Firmware, you can do so in the comment section below. ?