1

I learned about the BIOS being able to be written to by malware. It reminded me I have a used laptop that performs noticeably slower than any comparable devices, so I went ahead an downloaded BIOS update installers (from Dell), and wow, it works so much better! I had tried multiple times in the past to reinstall the OS, and it just would go SO slow (despite decent specs)!

However, the BIOS update installers were .exe files - so even though they seem to have seemingly worked, what's to prevent a more sophisticated BIOS malware from simply reinfecting the BIOS as soon as I run that BIOS update .exe? If the slowness was infact a BIOS malware on that device, then it seemed to be infecting the OS I installed on the device on boot. So I presume any more modern version of that BIOS malware would simply reinstall itself right away / ensure it's still written to the BIOS.

Let me know if that makes sense.

Essentially, how could I effectively update the BIOS, if I have to log into a standard OS, and the BIOS is infecting the OS? Dell for example ONLY provided Windows .exe for BIOS updates annoyingly (for my device), and I checked for an old HP tower I have and they too only provide a .exe for BIOS updates.

Yet that OS is what BIOS malware may be infecting upon boot... and could in theory just ensure the BIOS is written a certain way (infected) even after a BIOS update via the .exe...

I know there are some motherboards that allow you to update the BIOS via a USB device, without an OS (only desktops as far as I know of atm). Perhaps those are more secure to update the BIOS of, than a motherboard that requires BIOS updates via a .exe?

But mainly, how do I update the BIOS before BIOS re-infects the host with these .exe BIOS updaters?

Improve this question
1
  • 3
    Dell usually can flash firmware w/o OS directly from the BIOS. Don't let you get confused by the .exe extension - the BIOS can directly deal with it. Of course, if a compromised BIOS would also include the flashing being compromised, then you are out of luck. Also note that nothing you describe here suggests that your BIOS were infected in the first place. Slowness of the system could simply be the result of suboptimal interplay between the BIOS/hardware and the OS, so that the hardware will be used in a slow mode instead of a fast mode. This might have been fixed by a recent BIOS.
    – Steffen Ullrich
    Commented Jul 7 at 20:07

1 Answer 1

Reset to default
1

Although, as it has been mentioned in the comments, the slowness was probably directly related to the outdated BIOS!

But nether the less, there are plenty of ways to update or reinstall the BIOS without accessing the original OS.

  1. Boot into a live USB: Make a bootable USB drive with a clean, trusted OS- maybe like a Live Linux distro. This’ll ensure that you're working in a malware-free environment when you do the BIOS update. And this is a big ‘duh’, but DO NOT create the live USB on the potentially infected OS!!

  2. BIOS flash utility: Some laptops include an option within the BIOS setup utility to update the BIOS directly from a USB drive (So you don’t need to install a whole OS on the USB.) Just download the BIOS update file from Dell's website and place it on a USB drive. Then restart your laptop and enter the BIOS setup utility (usually by pressing F2, F12, or another key during startup etc.) and look for an option like "BIOS Update" or "Flash BIOS" and follow the prompts to update the BIOS from the USB drive. But unfortunately this won’t always work- it depends on many factors (such as version and previous settings) so you’ll just have to try.

And also keep in mind: it’s very much possible that things are the wrong way around and the BIOS has malware that is infecting the OS! If this is the case, you’ll probably want to reset the BIOS to it’s default settings then flash a brand new version. My suggestions don’t just apply to updating, but for completely reinstalling, too.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .