Microsoft Research: Strider GhostBuster Rootkit Detection and "...stealth software that hides in BIOS, Video card EEPROM"
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: Mon, 19 Sep 2005 23:58:01 GMT
States the following...
"Note: there will be some false positives. Also, this does not detect stealth software that
hides in BIOS, Video card EEPROM, disk bad sectors, Alternate Data Streams, etc. "
We have discussed the possibility of infecting a BIOS over and over and the consensus has
been that is not possible. Based upon my studying both viruses and hardware I can't see how
it is possible. Yet the above Microsoft web site on a RootKit Detector indicates
"...stealth software that hides in BIOS, Video card EEPROM".
>From what I believe to be true, this is faux information and pure FUD.
If anyone has specific information (backed by authoratative URLs such as from the IEEE or
some other organization) I welcome the replies. Both PRO and CON for the above statement.