UEFI-Based Malware Statement
Getac is aware of the CosmicStrand issue, which targets the Intel® H81 Chipset module. CosmicStrand is a rootkit malware with functionality designed to inspect the UEFI¹/BIOS firmware of targeted systems by discovering vulnerabilities and enabling attackers to read/write/erase the device’s BIOS. It is similar to the already-known Trickboot malware. Both can be categorized as UEFI-based malware.
Getac products undergo a series of preventive measures and tests to ensure security against UEFI-based malware.
From a BIOS and firmware perspective, all Getac products follow NIST 800-147 policy regarding BIOS write protection, protecting against program or erase commands.
Regarding the OS layer, Getac has analyzed it using the CHIPSEC tool from Intel, which is a framework for analyzing the security of PC platforms, including hardware, system firmware (BIOS/UEFI), and platform components.
Getac rugged products¹ have passed tests that ensure the protection of the UEFI BIOS from programmable SPI writes by malware and reduce the risk of attack by known threats.
To ensure an appropriate level of security against malware, we suggest you update the firmware to the latest version to mitigate various known vulnerabilities.
¹ CHIPSEC analyzes the following platforms only: 11th Generation Intel® Core™ Processors, 10th Generation Intel® Core™ Processors, 8th Generation Intel® Core™ Processors, 7th Generation Intel® Core™ Processors, 6th Generation Intel® Core™ Processors, and Intel® Atom® x7-Z8750 Processor