One recurring topic we are met with at user groups or conferences is that of UEFI vs BIOS. Or “why should I update my BIOS?” and even “why should I convert from BIOS to UEFI, can’t I worry about that later?”.
This is always a tough topic of discussion, because often IT’s policies around updating BIOS or converting from BIOS to UEFI are driven by decision-makers outside of the department, or worse: decision makers within the department who are oblivious to the security implications of staying on an outdated version of an outdated technology.
Unified Extensible Firmware Interface (UEFI) isn’t a new technology, it has been around for many years. On the other hand, attacks at the BIOS level have not only happened this century, but this decade. Rootkits that try to alter boot process are still in the wild, and anybody on an outdated and legacy technology are at a huge risk.
UEFI (pronounced by saying each letter U-E-F-I) is actually so much more than legacy code stored on a chip on a PC’s motherboard. It is in fact a pseudo operating system. This means that you could technically interact with the filesystem and backup your hard drive. UEFI also has mouse and graphics support.
In a legacy world, a BIOS PC would boot and perform Power On Self Test (POST) or put another way, the PC powers on and the BIOS wakes up all the hardware and makes sure it is running ok. You could interrupt the boot (as you can with UEFI) and enter the settings menu to enable/disable/reconfigure settings. The problem is that in this legacy world, there is little protection available to make sure it’s not the bad guys who are altering settings such as booting from a rootkit, etc. Aside from being outdated and not secure, BIOS has many other limitations. Check out this table of limitations:
UEFI on the other hand, is extremely robust. Aside from the game-changing security features it unlocks in Windows 10, it can do more than legacy BIOS. It isn’t enough to list the limitations of legacy BIOS as an argument to champion the conversion to UEFI in your organization. It is better to understand how the limitations of legacy BIOS relate to the comparison UEFI. Here is a table of some of the many pros of UEFI:
UEFI is compatible with modern versions of Windows and enables many robust security features. In fact, to use the following security features within Windows 10, UEFI is required.