{"id":5842,"date":"2006-01-30T09:21:43","date_gmt":"2006-01-30T08:21:43","guid":{"rendered":"https:\/\/destinationcyber.com\/?p=5842"},"modified":"2006-01-30T09:21:43","modified_gmt":"2006-01-30T08:21:43","slug":"les-rootkits-sen-prennent-au-bios-des-pc","status":"publish","type":"post","link":"https:\/\/destinationcyber.com\/?p=5842","title":{"rendered":"Les ‘rootkits’ s’en prennent au BIOS des PC"},"content":{"rendered":"

John Heasman, consultant de la firme britannique Next-Generation Security Software (NGS), a r\u00e9v\u00e9l\u00e9 lors des conf\u00e9rences Black Hat que la menace des rotkits — des programmes intrusifs non d\u00e9tect\u00e9s par les syst\u00e8mes de s\u00e9curit\u00e9 et d’antivirus – pourrait bien se cacher dans la m\u00e9moire flash du BIOS.<\/p>\n

Pour cela, les attaquants utiliseraient une collection d’outils de contr\u00f4le et de gestion de l’alimentation, la Advanced Configuration and Power Interface (ACPI), et son langage de programmation pour glisser des modules d’un rootkit dans la m\u00e9moire flash du BIOS.<\/p>\n

Les hackers pourraient remplacer des fonctions l\u00e9gitimes du langage ACPI par leurs propres fonctions, malicieuses comme il se doit!<\/p>\n

Et comme elles ne figurent pas sur le disque, elles ne sont pas d\u00e9tectables!<\/p>\n

Et m\u00eame si elles l’\u00e9taient, ult\u00e9rieurement et avec des produits adapt\u00e9s, elles \u00e9chapperaient aux op\u00e9rations classiques destin\u00e9es \u00e0 remettre un syst\u00e8me \u00e0 z\u00e9ro, \u00e0 savoir le formatage d’un disque et la r\u00e9installation du syst\u00e8me d’exploitation.<\/p>\n

Fanch<\/p>\n","protected":false},"excerpt":{"rendered":"

John Heasman, consultant de la firme britannique Next-Generation Security Software (NGS), a r\u00e9v\u00e9l\u00e9 lors des conf\u00e9rences Black Hat que la menace des rotkits — des programmes intrusifs non d\u00e9tect\u00e9s par les syst\u00e8mes de s\u00e9curit\u00e9 et d’antivirus – pourrait bien se cacher dans la m\u00e9moire flash du BIOS. Pour cela, les attaquants utiliseraient une collection d’outils […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-5842","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/5842","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5842"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/5842\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5842"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5842"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5842"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}