HomeWinBuzzer NewsPhoenix Leads UEFI Security Response Team (USRT) to Make UEFI-BIOS More Secure

Phoenix Leads UEFI Security Response Team (USRT) to Make UEFI-BIOS More Secure

The UEFI Security Response Team (USRT) under the leadership of Phoenix will serve as a contact point about security vulnerabilities of the BIOS successor.


The industry association UEFI Forum has reacted to the numerous demonstrated vulnerabilities in the UEFI BIOS by establishing a UEFI Security Response Team (USRT). Dick Wilkins, who works for the firmware manufacturer Phoenix, is leading the team.

The USRT is supposed to be the primary contact for white hat hackers finding vulnerabilities. An e-mail address with a corresponding PGP key is also provided to facilitate reporting of vulnerabilities.

The UEFI Security Response Team is organized as a subcommittee of the UEFI Board, but won´t be an independent working group. The USRT is supposed to improve the reputation of the UEFI BIOS, which has been criticised  by and others for being highly insecure.

UEFI Security Response Team (USRT) to be backed by IT-giants

It will be backed by Apple, , Intel, AMD, ARM, ARM, Dell, Lenovo, HP, Red Hat, and the UEFI suppliers AMI, Insyde and Phoenix. Currently, Google is using UEFI alternatives such as Coreboot/Libreboot or NERF.

Twice a year, the UEFI Forum organizes meetings called Plugfests. Security has been playing a major role in recent years with many lectures addressing previously uncovered security gaps and providing guidance on programming of secure firmware functions.

In comparison to classic proprietary BIOS code from suppliers like AMI, Award, Phoenix od Insyde, modern UEFI-implementations are based on the open Tianocore EDK II framework. As a result, bugs and vulnerabilities of EDK II are inheriteted by practically UEFI variants, which make them an attractive target for hackers.

On top of this, UEFI is still suffering from defined protective functions which are left out in many implementations. The UEFI Forum and the UEFI Security Response Team (USRT) are expected to improve the overall security of UEFI in the future.

Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.

Recent News