What's new

UEFI prevents rootkits?

Jcwisgod

New Member
Member
I've been reading that EUFI booting prevents rootkits, is this true?
 

My Computer

System One

  • OS
    Windows 8
    Computer type
    Laptop
    System Manufacturer/Model
    HP Ultrabook
    CPU
    2.6 GHz Core i5-3317U
    Memory
    8 gb DDR3 Ram
    Screen Resolution
    1366 x 768
    Hard Drives
    320gb HDD, 120gb SSD
    Keyboard
    Backlight Island Style Keyboard
    Mouse
    Trackpad
    Internet Speed
    18 MB/S DL Speed
    Browser
    Opera
    Antivirus
    Avast/Malwarebytes

Jcwisgod

New Member
Member
UEFI has a secure boot feature that indeed is designed to prevent rootkits. Key boot files are digitally signed (by microsoft) and any malicious software that attempts to tamper with them is automatically detected at startup and blocked.

More info :
Secure Boot Overview
Secured Boot and Measured Boot: Hardening Early Boot Components Against Malware


So I'm guessing it has a high detection rate? and thank you :), its not allowing me to you anymore rep points at the moment.
 

My Computer

System One

  • OS
    Windows 8
    Computer type
    Laptop
    System Manufacturer/Model
    HP Ultrabook
    CPU
    2.6 GHz Core i5-3317U
    Memory
    8 gb DDR3 Ram
    Screen Resolution
    1366 x 768
    Hard Drives
    320gb HDD, 120gb SSD
    Keyboard
    Backlight Island Style Keyboard
    Mouse
    Trackpad
    Internet Speed
    18 MB/S DL Speed
    Browser
    Opera
    Antivirus
    Avast/Malwarebytes

oneeyed

New Member
Pro User
No detection rate. My explanation above was maybe a bit confusing. This isn't an antivirus, which is a blacklisting approach but a whitelist (more info here : Whitelisting Vs Blacklisting | Kevin Townsend) : if a bootfile is signed, its ok if not it's blocked. And yes, it's much more efficient.
 

My Computer

System One

  • OS
    Windows 8.1 (x64)
    Computer type
    PC/Desktop

Jcwisgod

New Member
Member
Sorry the way I said it made it seem like I thought it as an antivirus or something, I got one more question, how can I tell if I got UEFI enabled or not?
 

My Computer

System One

  • OS
    Windows 8
    Computer type
    Laptop
    System Manufacturer/Model
    HP Ultrabook
    CPU
    2.6 GHz Core i5-3317U
    Memory
    8 gb DDR3 Ram
    Screen Resolution
    1366 x 768
    Hard Drives
    320gb HDD, 120gb SSD
    Keyboard
    Backlight Island Style Keyboard
    Mouse
    Trackpad
    Internet Speed
    18 MB/S DL Speed
    Browser
    Opera
    Antivirus
    Avast/Malwarebytes

Jcwisgod

New Member
Member
BIOS is in UEFI, and Secure Boot is off
 

My Computer

System One

  • OS
    Windows 8
    Computer type
    Laptop
    System Manufacturer/Model
    HP Ultrabook
    CPU
    2.6 GHz Core i5-3317U
    Memory
    8 gb DDR3 Ram
    Screen Resolution
    1366 x 768
    Hard Drives
    320gb HDD, 120gb SSD
    Keyboard
    Backlight Island Style Keyboard
    Mouse
    Trackpad
    Internet Speed
    18 MB/S DL Speed
    Browser
    Opera
    Antivirus
    Avast/Malwarebytes

oneeyed

New Member
Pro User
You should enable secure boot in your bios settings. How to do that depends on your motherboard, but here is a link to help : "Secure Boot isn't configured correctly": troubleshooting
  1. Open the PC BIOS menu. You can often access this menu by pressing a key during the bootup sequence, such as F1, F2, F12, or Esc.
  2. Or, from Windows: go to Settings charm > Change PC settings > Update and Recovery > Recovery > Advanced Startup: Restart now. When the PC reboots, go to Troubleshoot > Advanced Options: UEFI Firmware Settings.
  3. Find the Secure Boot setting, and if possible, set it to Enabled. This option is usually in either the Security tab, the Boot tab, or the Authentication tab.
  4. On some PCs, select Custom, and then load the Secure Boot keys that are built into the PC.
  5. If the PC does not allow you to enable Secure Boot, try resetting the BIOS back to the factory settings.
  6. Save changes and exit. The PC reboots.
  7. If the PC is not able to boot after enabling Secure Boot, go back into the BIOS menus, disable Secure Boot, and try to boot the PC again.
  8. In some cases, you may need to refresh or reset your PC to its original state before you can turn on Secure Boot. For more info, see How to restore, refresh, or reset your PC.
  9. If the above steps don’t work, and you still want to use the Secure Boot feature, contact your manufacturer for help.
 

My Computer

System One

  • OS
    Windows 8.1 (x64)
    Computer type
    PC/Desktop

Jcwisgod

New Member
Member
Alright so I just tried to enable Secure Boot, but it's showing as grey and won't let me change it, I also noticed it says it's in 'Legacy' mode, kinda weird?
 
Last edited:

My Computer

System One

  • OS
    Windows 8
    Computer type
    Laptop
    System Manufacturer/Model
    HP Ultrabook
    CPU
    2.6 GHz Core i5-3317U
    Memory
    8 gb DDR3 Ram
    Screen Resolution
    1366 x 768
    Hard Drives
    320gb HDD, 120gb SSD
    Keyboard
    Backlight Island Style Keyboard
    Mouse
    Trackpad
    Internet Speed
    18 MB/S DL Speed
    Browser
    Opera
    Antivirus
    Avast/Malwarebytes

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Top