US 12,406,064 B2
Pre-boot context-based security mitigation
Gokul Thiruchengode Vajravel, Bangalore (IN); Ibrahim Sayyed, Georgetown, TX (US); and Daniel L. Hamlin, Round Rock, TX (US)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on May 18, 2022, as Appl. No. 17/747,647.
Prior Publication US 2023/0418947 A1, Dec. 28, 2023
Int. Cl. G06F 21/57 (2013.01); G06F 21/55 (2013.01)
CPC G06F 21/575 (2013.01) [G06F 21/552 (2013.01); G06F 21/554 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
determining, by a processor, a pre-boot security posture of an information handling system by capturing state of a basic input/output system (BIOS) security indicator during a boot device selection phase of a boot process. wherein the pre-boot security posture indicates a pre-boot security status of an external device associated with the information handling system;
updating an advanced configuration and power interface mitigation table based on the pre-boot security posture according to the state of the BIOS security indicator;
receiving a security mitigation policy;
updating a security mitigation table based on the security mitigation policy;
determining a security mitigation corresponding to the pre-boot security posture captured during the boot device selection phase of the boot process, wherein the security mitigation is based on a protection flag in the advanced configuration and power interface mitigation table and the security mitigation table; and
applying the security mitigation by an operating system to mitigate the pre-boot security status of the external device.