Comment by josteink

7 years ago

You got it completely backwards.

UEFI doesn't install anything. It provides a machine-specific binary for Windows to install (intended to ensure that Windows has proper drivers for all the machine’s hardware).

Windows then decides to install this, based on the assumption that OEMs won’t bundle non-critical shit-ware using this method. Which has turned out to be the faulty assumption here.

Either way: Use any other OS except Windows and these UEFI-bundled binaries do nothing. They’re duds.

UEFI doesn’t need to be “tricked” and it can’t force the installation of anything into an OS not wanting it.

It’s really simple, so no need to invent overly complicated threat models.

I think the parent is getting confused because previously LoJack did work as they describe, by injecting its binaries into the filesystem like that. But I guess they have now switched to using this WPBT feature instead.

That CD with Stuxnet in autorun.inf doesn't do anything. It's Windows that chooses to load it.
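
For anyone who wants to check whether their own firmware publishes a WPBT, here is an added example (not code from any commenter in this thread) that parses the raw ACPI table and reports the vendor strings and the size and address of the offered binary. It assumes a Linux host exposing the table at `/sys/firmware/acpi/tables/WPBT` and the field layout of Microsoft's WPBT specification; the sample table, OEM strings and address are constructed.

```python
import struct

ACPI_HEADER = struct.Struct("<4sIBB6s8sI4sI")  # standard 36-byte ACPI table header
WPBT_BODY = struct.Struct("<IQBB")  # handoff size, handoff address, layout, type
SYSFS_PATH = "/sys/firmware/acpi/tables/WPBT"  # Linux only; reading needs root


def parse_wpbt(raw: bytes) -> dict:
    """Summarise a raw WPBT table: who published it and what it points at."""
    if len(raw) < ACPI_HEADER.size + WPBT_BODY.size:
        raise ValueError("too short to be a WPBT table")
    sig, length, _rev, _sum, oem_id, oem_table = ACPI_HEADER.unpack_from(raw)[:6]
    if sig != b"WPBT":
        raise ValueError(f"not a WPBT table: {sig!r}")
    if not ACPI_HEADER.size + WPBT_BODY.size <= length <= len(raw):
        raise ValueError("header length field is inconsistent with the data")
    table = raw[:length]
    size, addr, layout, ctype = WPBT_BODY.unpack_from(table, ACPI_HEADER.size)
    return {
        "oem_id": oem_id.rstrip(b"\x00 ").decode("ascii", "replace"),
        "oem_table_id": oem_table.rstrip(b"\x00 ").decode("ascii", "replace"),
        "checksum_ok": sum(table) % 256 == 0,  # ACPI: all bytes sum to 0 mod 256
        "binary_size": size,  # bytes of the image firmware left in memory
        "binary_phys_addr": addr,  # physical address of that image
        "content_layout": layout,
        "content_type": ctype,
    }


def build_sample() -> bytes:
    """Constructed WPBT table (invented OEM strings and address), for testing."""
    body = WPBT_BODY.pack(0x2000, 0x7F000000, 1, 1) + struct.pack("<H", 0)
    length = ACPI_HEADER.size + len(body)
    head = ACPI_HEADER.pack(b"WPBT", length, 1, 0, b"OEMVND", b"SAMPLETB", 1, b"TEST", 1)
    table = bytearray(head + body)
    table[9] = (-sum(table)) % 256  # checksum byte lives at offset 9
    return bytes(table)


if __name__ == "__main__":
    try:
        with open(SYSFS_PATH, "rb") as fh:
            data, source = fh.read(), SYSFS_PATH
    except OSError:  # no WPBT published, not Linux, or not root
        data, source = build_sample(), "constructed sample"
    print(source, parse_wpbt(data))
```

If the sysfs file does not exist, the firmware is not offering a binary through this mechanism.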