"A new form of attack that installs a rootkit directly onto a computer’s Bios system would render anti-virus software useless, researchers have warned…The researchers devised a 100-line Python script that could be flashed onto the Bios to install a rootkit. Because the Bios software activates before any other program on a computer when it starts up, normal anti-virus software would be unable to detect it.
"We tested the system on the most common types of Bios," said Ortega. "There is the possibility that newer types of Extensible Firmware Interface Bios may be resistant to the attack, but more testing is needed."
The attack is only possible if the attacker already has full administrative control of the target PC, but this is possible through a standard virus infection. Once that is achieved, the malware operator would be able to flash a rootkit directly onto the Bios." – Content courtesy of New Bios attack renders anti-virus useless – V3.co.uk – formerly vnunet.com