Microsoft has given the open source community a gift by open sourcing a UEFI codebase dubbed Project Mu. The project demonstrates a way of building UEFI that streamlines security updates and reduces time to market for new features.
The “full-featured, product-ready UEFI firmware codebase” combines code from a multitude of sources, including silicon vendors including TianoCore (itself an open source implementation of UEFI) EDK2 UEFI standard-based code; value-add code from TianoCore; silicon vendor hardware initialisation code; silicon vendor value-add code; independent BIOS Vendor code, board-specific code and more.
The release comes three weeks after cybersecurity vendor ESET identified the first UEFI malware discovered “in the wild”. The rootkit has been active since at least early 2017 and is capable of surviving the re-installation of the Windows operating system or even hard drive replacement, ESET said. The company’s research was the first to show that the previously identified malware was actively attacking the firmware of computers.
The finding threw the spotlight on a previously niche area of security, but came as concerns heightened about UEFI’s potential as a hiding place for rootkits.
Microsoft said in a Q&A on Github: “We hope that Project Mu serves as a concrete example for discussing different approaches to managing the challenges faced by the UEFI ecosystem. It represents a variant of TianoCore that was customized within Microsoft for scaling and maintainability.”
The company added: “It’s not exactly a staging branch for TianoCore, as there are some changes that may not have application within or meet the explicit goals of that project, but it is a place where features and changes can be publicly featured and discussed.”