Bootstrap OS protection and recovery

US 8,793,477 B2
Filed: 02/12/2008
Issued: 07/29/2014
Est. Priority Date: 02/12/2008
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

reading, upon a completion of at least one power-on self-test operation, stored status information indicating whether a network connectivity was available a last time an operating system of a computer system was operational;

loading a stand-alone network driver that does not involve the operating system, when the stored status information indicates that the network connectivity was not available;

when the stored status information indicates that the network connectivity was not available, using the stand-alone network driver to obtain a software patch from a device on a network, wherein the software patch is for software of the computer system; and

executing and applying the software patch.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system, and computer program product for protecting a computer system provides bootstrap operating system detection and recovery and provides the capability to detect malware, such as rootkits, before the operating system has been loaded and provides the capability to patch malfunctions that block the ability of the computer system to access the Internet. A method for protecting a computer system includes reading stored status information indicating whether network connectivity was available the last time an operating system of the computer system was operational, when the stored status information indicates that network connectivity was not available, obtaining a software patch, and executing and applying the software patch.

21 Citations

View as Search Results

20 Claims

1. A method, comprising:
- reading, upon a completion of at least one power-on self-test operation, stored status information indicating whether a network connectivity was available a last time an operating system of a computer system was operational;
  
  loading a stand-alone network driver that does not involve the operating system, when the stored status information indicates that the network connectivity was not available;
  
  when the stored status information indicates that the network connectivity was not available, using the stand-alone network driver to obtain a software patch from a device on a network, wherein the software patch is for software of the computer system; and
  
  executing and applying the software patch.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the reading is performed before the operating system of the computer system is operational.
  - 3. The method of claim 2, further comprising:
    - scanning files to complete a boot process to determine an integrity of the files, the boot process including the at least one power-on self-test operation; and
      
      if the integrity of the files is intact, completing the boot process.
  - 4. The method of claim 3, further comprising:
    - if the integrity of the files is not intact, taking a corrective action.
  - 5. The method of claim 4, wherein the corrective action comprises halting the boot process, or restoring the files along with completing the boot process.
  - 6. The method of claim 3, further comprising:
    - upon a completion of the boot process, determining whether a network connectivity is available; and
      
      storing status information indicating whether a network connectivity is available.
  - 7. The method of claim 1, further comprising:
    - performing a hash to identify whether the software includes an error.
  - 8. The method of claim 7, wherein the software is anti-malware software.

9. A computer system, comprising:
- a processor operable to execute computer program instructions; and
  
  a memory operable to store the computer program instructions, such thatthe processor is configured to read, upon a completion of at least one power-on self-test operation, stored status information indicating whether a network connectivity was available a last time an operating system of the computer system was operational, to load a stand-alone network driver that does not involve the operating system, when the stored status information indicates that the network connectivity was not available, to use the stand-alone network driver to obtain a software patch from a device on a network, when the stored status information indicates that the network connectivity was not available, and to execute and apply the software patch, wherein the software patch is for software of the computer system.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The computer system of claim 9, wherein the processor reads the stored status information before the operating system of the computer system is operational.
  - 11. The computer system of claim 10, wherein the processor is configured to scan files to complete a boot process to determine an integrity of the files, the boot process including the at least one power-on self-test operation, and, if the integrity of the files is intact, to complete the boot process.
  - 12. The computer system of claim 11, further comprising:
    - if the integrity of the files is not intact, taking a corrective action.
  - 13. The computer system of claim 12, wherein the corrective action comprises halting the boot process, or restoring the files along with completing the boot process.
  - 14. The computer system of claim 13, further comprising:
    - upon a completion of the boot process, determining whether a network connectivity is available; and
      
      storing status information indicating whether a network connectivity is available.

15. A computer program product that includes a non-transitory computer readable storage medium and computer program instructions for performing operations, the operations comprising:
- reading, upon a completion of at least one power-on self-test operation, stored status information indicating whether a network connectivity was available a last time an operating system of a computer system was operational;
  
  loading a stand-alone network driver that does not involve the operating system, when the stored status information indicates that the network connectivity was not available;
  
  using the stand-alone network driver to obtain a software patch from a device on a network, when the stored status information indicates that the network connectivity was not available, wherein the software patch is for software of the computer system; and
  
  executing and applying the software patch.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product of claim 15, wherein the reading is performed before the operating system of the computer system is operational.
  - 17. The computer program product of claim 16, the operations further comprising:
    - scanning files to complete a boot process to determine an integrity of the files, the boot process including the at least one power-on self-test operation; and
      
      if the integrity of the files is intact, completing the boot process.
  - 18. The computer program product of claim 17, the operations further comprising:
    - if the integrity of the files is not intact, taking a corrective action.
  - 19. The computer program product of claim 18, wherein the corrective action comprises halting the boot process.
  - 20. The computer program product of claim 19, the operations further comprising:
    - upon a completion of the boot process, determining whether a network connectivity is available; and
      
      storing status information indicating whether a network connectivity is available.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Horvath, Akos, Faieta, Alessandro
Primary Examiner(s)
Schwartz, Darren B

Application Number

US12/068,834
Publication Number

US 20090205045A1
Time in Patent Office

2,359 Days
Field of Search

726 22- 25, 713/2, 717171-173
US Class Current

713/2
CPC Class Codes

G06F 21/56   Computer malware detection ...

G06F 21/572   Secure firmware programming...

G06F 21/575   Secure boot

G06F 2221/034   Test or assess a computer o...

G06F 9/4406   Loading of operating system

H04L 63/1416   Event detection, e.g. attac...

Bootstrap OS protection and recovery

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Bootstrap OS protection and recovery

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links