You think ransomware is bad now? Wait until it infects CPUs

Discussion in 'malware problems & news' started by summerheat, May 12, 2025.

  1. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,255
    https://www.theregister.com/2025/05/11/cpu_ransomware_rapid7/

    Scary :sick:
     
  2. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,847
    Location:
    Italy
    Interesting.
    Making a better setting of the browser used is increasingly critical.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    9,176
    Location:
    USA
    That this is possible is disturbing.
     
  4. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,255
    How is this related to browser settings? o_O
     
  5. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,847
    Location:
    Italy
    How would a hypothetical CPU-ransomware get into my PC if not remotely?
     
  6. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,255
    If the microcode/firmware of your vendor contains ransomware (either because the vendor itself has become malicious or its download sites are manipulated by hackers), browser settings would not help at all as such updates are usually handled by your OS. Only if you download and install those firmware/microcode updates yourself your AV might™ perhaps be able to recognize them as infected (but I doubt that). And even in that case browser settings would not prevent that as installing those updates is not performed from your browser, AFAIK (and should not be possible anyhow because of the browser sandbox).
     
  7. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,847
    Location:
    Italy
    Unclear.
    Suppose I (99.99% so all other users) currently have a clean microcode.
    Are you claiming that through Microsoft system updates I could be infected?

    I asked AI.
    The correct question is the one in the image:

    https://imgbox.com/DclQxPWS


    Currently not possible.

     
    Last edited: May 12, 2025
  8. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,255


    Possibly? 3rd-party microcode is usually closed source. I doubt that Microsoft is doing reverse engineering for that code. I'm not saying that such infections are already happening. But as the article mentions: "There are some indications that criminals are moving toward this end goal, from the UEFI bootkits that go back to 2018 and are now sold on cyber-crime forums to allow miscreants to bypass Secure Boot and embed malware into the firmware, surviving operating system reboots." We all know that many websites have been hacked in the past, so it's certainly not impossible that criminals will be successful in infecting microcode/firmware. And there have been several examples of BIOS and UEFI rootkits in the past.

    What exactly is not possible?
     