Schneier on Security: NSA Exploit of the Day: DEITYBOUNCE


DEITYBOUNCE provides software application persistence on Dell PowerEdge servers by exploiting the motherboard BIOS and utilizing System Management Mode (SMM) to gain periodic execution while the Operating System loads.

This technique supports multi-processor systems with RAID hardware and Microsoft Windows 2000, 2003, and XP. It currently targets Dell PowerEdge 1850/2850/1950/2950 RAID servers, using BIOS versions A02, A05, A06, 1.1.0, 1.2.0, or 1.3.7.

Und täglich grüßt das Murmeltier… Wer noch einen dieser alten Dell-PowerEdge-Server im Einsatz hat: Schnell mal das BIOS upgraden.