CIS Protection Against Firmware Malware [M1947]

1. What actually happened or you saw:
An absence of firmware-detailing data.

2. What you wanted to happen or see:
Something like a CIS functionality that scans and shows details about the firmware; and if it is possible, also check the firmware for malware.

3. Why you think it is desirable:
Because firmware is the deepest layer where a malware can sit itself, so if CIS can do something about it it will be good.

4. Any other information:
Nothing else.

It is going to be a rock and roll if CIS can. However, this will increase the definitions file size!

I may add up, that some “custom firmware” implemented in “USB Storage Devices” can make Windows system believe it is a “Keyboard.”

Therefore, all you need is walk in someone’s computer to install “hacking/cracking” programs bundled with it without the need of an “Administrator” account.

Cool eh? See details of this exploit done by the “Red Team” (search with Google).

This one would bring cis to the next level. As far i know very few antivirus programs do this.