File-Manage the Unsigned Area of a BIOS?
3DIO
Not DAZ specific, but is there anyone here who knows whether it's possible to file-manage what is known as the "Unsigned" area of a BIOS?
Also, assuming it's even possible, is there an Open Source tool for doing that?

Comments
Ask Google, it's quite impressive what their AI can come up with:
Query: "is it possible to file-manage what is known as the "Unsigned" area of a BIOS"
Answer:
Yes, it is possible to file-manage, edit, and modify the "unsigned" or non-protected areas of a BIOS/UEFI firmware image, but it is a highly technical process that involves breaking the digital signature of the file and requires specialized tools.
While modern security measures like Intel Boot Guard or Secure Boot protect the core BIOS code, many BIOS images contain volumes or regions (such as Option ROMs, splash screens, or some non-critical drivers) that are not covered by these checks.
How to File-Manage the Unsigned BIOS Area:
Modifying this area is typically done by extracting the BIOS firmware, modifying it, and then reflashing it.
Critical Challenges and Risks
Disclaimer: Modifying BIOS files is risky and can permanently damage your hardware.
(if you need more details it can go deeper into AI mode, but remember, AI fails sometimes so better double check the answers)
Try UEFITool: https://github.com/LongSoft/UEFITool
Unfortunately I'm not technical enough to get into that level of stuff, and wouldn't dream of doing so. I just need an easy tool to delete the startup logo. I saw in a video yesterday that they are infecting our computers with viruses that use the logo of our motherboards. Reflashing your BIOS doesn't erase the logo, and if I'm understanding it correctly, the logo is stored there. So basically I just need the BIOS equivalent of a simple file manager so that I can locate the logo file within the BIOS and delete it, just like deleting a file from a folder.
The idea is to delete the logo first and then reflash the BIOS, because hopefully then it wouldn't be able to re-infect the logo.
Sorry, I hadn't seen your response before my previous post went live. Interesting tool, and thanks for the link, but I think it refers to images as meaning the BIOS image file itself whereas I'm referring to an actual bitmap image file. I've attached a video to give an idea what I'm talking about.
Basically, they're using the graphical start-up logo file of our motherboards, to store infected code which, due to being stored in the BIOS, gets to execute before your OS even boots up. The information provided in the video is handy to know in so far as it gives us laymen types a basic idea of what's going on. But I got to thinking that if the logo is basically acting as a vulnerable storage target for the hacker due to being stored in the "unsigned" part of the BIOS, then why not just remove the logo file in order to prevent them being able to hack it in the first place?
On my BIOS, for example, I have an option to display the logo at startup. And while it might sound logical to simply disable display of the logo, it's important to remember that merely disabling the logo does not remove the logo from the BIOS. That makes me think that it would still be vulnerable.
Now obviously, messing around with a BIOS is super-risky (and I do not recommend that anyone try doing anything with their BIOS) but the way I see it on my own motherboard is that it could go two ways. If I were to successfully delete the logo file so that it cannot be infected, but then forget to change the option to disable display of the logo at startup, then almost certainly I would expect my motherboard to be bricked. But my layman thinking here is to first of all reflash, then delete the reflashed logo file, and finally set my BIOS option to not display the logo upon startup. I could be totally wrong and it could be dangerous, but I can't help but think that a file that does not exist in the first place, surely cannot be hacked, and that providing I remember to switch display of the startup logo off, then it would surely not execute (and therefore hopefully not brick) due to the logo no longer being present.
I barely know anything about BIOS tech, so would not even attempt it unless there was a "BIOS File Management for Dummies" sort of thing. I'm really just asking this stuff on behalf of myself. That said, I think all PC users should read up and watch a few videos regards what's going on.
Not recommended
I think you're overthinking this. Just update your BIOS version to the newest, my low-mid range board PRIME B450 PLUS had an update two years ago that patched out the LogoFAIL vulnerability.
Sadly I think you're right and it makes me wonder if this stuff will ever stop. And if "Artificial Intelligence" was truly so damn "Intelligent", then perhaps designing an unhackable OS could be one of its biggest gifts to humanity. It's crazy how many super-dangerous hacks are doing the rounds lately, with one very recent (and huge) exploit and not a word about it from the MSM.
Crazy, scary stuff.
Apologies yet again since I hadn't seen that last post before my previous post went live.
After your post I went and looked at the downloads for my motherboard again. There was no mention of a fix for it in the very latest BIOS download, but I just thought to look further back and indeed it was fixed for my motherboard. I was especially anxious since my motherboard is MSI, because although he mentioned MSI being the only PC motherboard manufacturer to protect against this stuff by default, he then went on to say some keys were leaked or something. Thankfully they fixed it sharpish, no doubt by generating a different set of keys for the BIOS.
I'm actually feeling kinda happy with myself now. Feels good to know that I chose a brand of motherboard (MSI) where the maker was sensible enough to foresee this problem and prevent it, while others never did. I've no plan to upgrade my system at the moment (especially during the memory shortage situation). But I know for sure which brand of motherboard I'll be buying next time: it will be good old MSI again, although to be fair I think it would have been MSI for me again anyway.
By the way, I don't know if people on here are aware of this, but there was an extremely serious exploit I read about a few weeks back, one that affects PDF files. Considering how many people use PDF files and that nothing was said about it in the MSM, you really do have to wonder what is going on. I mean wow, PDF of all things, and just shortly prior to that, I had even read there was an exploit affecting Blender files!
Crazy stuff. It's pretty much non-stop these days.