Patents by Inventor William C. Munger
William C. Munger has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260141073Abstract: A BIOS secure boot configuration modification source reporting system includes a computing device housing a BIOS that is coupled to a non-volatile memory subsystem and that includes a BIOS subsystem coupled to a BIOS database storing a secure boot configuration, and to a secure boot configuration modification source identifier storage.Type: ApplicationFiled: November 18, 2024Publication date: May 21, 2026Inventors: Wei Liu, Gong Wang, William C. Munger
-
Publication number: 20260141074Abstract: A BIOS secure boot configuration modification reporting system includes a computing device housing a non-volatile memory subsystem coupled to a BIOS having a BIOS database that stores a secure boot configuration. During a current initialization of the computing device, the BIOS uses the secure boot configuration to generate a current initialization hash value, determines whether the current initialization hash value matches a previous initialization hash value in the non-volatile memory subsystem that was generated using the secure boot configuration during a previous initialization of the computing device and, if not, generates an unexpected secure boot configuration modification message.Type: ApplicationFiled: November 21, 2024Publication date: May 21, 2026Inventors: Wei Liu, William C. Munger, Gong Wang
-
Patent number: 12417290Abstract: An information handling system includes multiple components including a first component. The first component includes a protected memory and a basic input/output system (BIOS). The protected memory stores a revoked versions list. The BIOS initializes a firmware update for a firmware image having a firmware version. The BIOS scans the revoked versions list for the firmware version of the firmware image. In response to the firmware version not being located within the revoked versions list, the BIOS completes the firmware update, and determines whether a revoked firmware version is included in the firmware update. In response to the revoked firmware version being included in the firmware update, the BIOS adds an entry in the revoked versions list. The entry is associated with the revoked firmware version included in the firmware update.Type: GrantFiled: July 21, 2022Date of Patent: September 16, 2025Assignee: Dell Products L.P.Inventors: William C. Munger, Mukund P. Khatri
-
Patent number: 12321459Abstract: An information handling system includes a memory and a baseboard management controller (BMC). The memory stores a secure boot policy for multiple input/output (I/O) devices in the information handling system. The BMC extracts a new firmware hash value from a firmware update package. The new firmware hash value is associated with a new firmware image of a first I/O device of the I/O devices. The BMC performs a firmware update for the first I/O device. In response to the firmware update being successfully completed, the BMC replaces an old firmware hash value with the new firmware hash value in the secure boot policy.Type: GrantFiled: July 21, 2022Date of Patent: June 3, 2025Assignee: Dell Products L.P.Inventors: Marshal F. Savage, William C. Munger
-
Patent number: 12001562Abstract: An information handling system includes a memory and a basic input/output system (BIOS). The memory stores a lookup table to associate each of a plurality of device firmware hashes with a corresponding one of a plurality of device identification strings. The BIOS calculates the each of the device firmware hashes. Each device firmware hash is associated with a different device firmware. The BIOS creates the lookup table based on the calculated device firmware hashes and the device identification strings. Based on the lookup table, the BIOS displays a secure boot allowed devices database list on a display device.Type: GrantFiled: July 21, 2022Date of Patent: June 4, 2024Assignee: Dell Products L.P.Inventors: William C. Munger, Marshal F. Savage
-
Patent number: 11989305Abstract: An information handling system includes a memory, a baseboard management controller (BMC), and a basic input/output system (BIOS). The memory stores a secure boot policy for a plurality of input/output (I/O) devices in the information handling system. The BMC performs a firmware update for a first I/O device of the I/O devices. In response to the firmware update being completed successfully, the BMC creates a system management task. During a next boot after the creation of the system management task, the BIOS detects the system management task. The BIOS calculates a new hash value for a firmware image of the firmware update. The BIOS replaces a previous hash value with the new hash value in the secure boot policy.Type: GrantFiled: July 21, 2022Date of Patent: May 21, 2024Assignee: Dell Products L.P.Inventors: Marshal F. Savage, William C. Munger
-
Publication number: 20240095009Abstract: An information handling system includes a protected memory that stores identifiers of locked down devices. The system receives a firmware update package for a device within the information handling system. The firmware update package includes a firmware update for the device. The system determines whether an identifier for the device is located within protected memory. If the identifier for the device is located within the protected memory, then the system prevents the firmware update for the device.Type: ApplicationFiled: September 15, 2022Publication date: March 21, 2024Inventors: Mukund P. Khatri, William C. Munger
-
Publication number: 20240028733Abstract: An information handling system includes a memory and a basic input/output system (BIOS). The memory stores a lookup table to associate each of a plurality of device firmware hashes with a corresponding one of a plurality of device identification strings. The BIOS calculates the each of the device firmware hashes. Each device firmware hash is associated with a different device firmware. The BIOS creates the lookup table based on the calculated device firmware hashes and the device identification strings. Based on the lookup table, the BIOS displays a secure boot allowed devices database list on a display device.Type: ApplicationFiled: July 21, 2022Publication date: January 25, 2024Inventors: William C. Munger, Marshal F. Savage
-
Publication number: 20240028730Abstract: An information handling system includes multiple components including a first component. The first component includes a protected memory and a basic input/output system (BIOS). The protected memory stores a revoked versions list. The BIOS initializes a firmware update for a firmware image having a firmware version. The BIOS scans the revoked versions list for the firmware version of the firmware image. In response to the firmware version not being located within the revoked versions list, the BIOS completes the firmware update, and determines whether a revoked firmware version is included in the firmware update. In response to the revoked firmware version being included in the firmware update, the BIOS adds an entry in the revoked versions list. The entry is associated with the revoked firmware version included in the firmware update.Type: ApplicationFiled: July 21, 2022Publication date: January 25, 2024Inventors: William C. Munger, Mukund P. Khatri
-
Publication number: 20240028735Abstract: An information handling system includes a memory, a baseboard management controller (BMC), and a basic input/output system (BIOS). The memory stores a secure boot policy for a plurality of input/output (I/O) devices in the information handling system. The BMC performs a firmware update for a first I/O device of the I/O devices. In response to the firmware update being completed successfully, the BMC creates a system management task. During a next boot after the creation of the system management task, the BIOS detects the system management task. The BIOS calculates a new hash value for a firmware image of the firmware update. The BIOS replaces a previous hash value with the new hash value in the secure boot policy.Type: ApplicationFiled: July 21, 2022Publication date: January 25, 2024Inventors: Marshal F. Savage, William C. Munger
-
Publication number: 20240028734Abstract: An information handling system includes a memory and a baseboard management controller (BMC). The memory stores a secure boot policy for multiple input/output (I/O) devices in the information handling system. The BMC extracts a new firmware hash value from a firmware update package. The new firmware hash value is associated with a new firmware image of a first I/O device of the I/O devices. The BMC performs a firmware update for the first I/O device. In response to the firmware update being successfully completed, the BMC replaces an old firmware hash value with the new firmware hash value in the secure boot policy.Type: ApplicationFiled: July 21, 2022Publication date: January 25, 2024Inventors: Marshal F. Savage, William C. Munger
-
Patent number: 10831897Abstract: A method and an information handling system (IHS) for authenticating unified extensible firmware interface (UEFI) images in an IHS. The method includes receiving, by a processor of the IHS, a request to authenticate an image. The method also includes determining a type of the image and retrieving, from an entry within a UEFI signature database, a certificate utilized to sign the image. The method further includes determining a verification entry of a verification database of the HIS that corresponds to the entry of the UEFI signature database and identifying, from the verification entry, a particular type of image which the certificate may be used to authenticate. The method further includes determining whether the type of the image is the particular type. In response to determining the type of the image is the particular type, the method includes authenticating the image using the certificate.Type: GrantFiled: July 14, 2017Date of Patent: November 10, 2020Assignee: Dell Products, L.P.Inventors: Mukund P. Khatri, William C. Munger
-
Patent number: 10824724Abstract: A method, an information handling system (IHS) and a detection system for detecting runtime tampering of unified extensible firmware interface (UEFI) images in an IHS. The method includes retrieving, via a board management controller (BMC) from a first memory device, a first UEFI driver associated with a first component of the IHS. The method also includes generating a first hash of the first UEFI driver and retrieving, from a second memory device, a second hash associated with an initial first UEFI driver of the first component of the IHS. The method further includes determining if the first hash and the second hash match, and in response to the first hash and the second hash not matching, generating an error message that indicates detection of runtime tampering with the first UEFI driver and storing the error message to an error log.Type: GrantFiled: June 2, 2017Date of Patent: November 3, 2020Assignee: Dell Products, L.P.Inventors: Mukund P. Khatri, William C. Munger
-
Patent number: 10540501Abstract: A method, information handling system (IHS) and a recovery system for recovering an IHS from a secure boot authentication failure. The method includes retrieving, via a processor from a first memory device, a first unified extensible firmware interface (UEFI) driver associated with a first component/device of the IHS. The method further includes determining, via a secure boot process, if the first UEFI driver is an authenticated UEFI driver. In response to determining that the first UEFI driver is not an authenticated driver, a previously validated UEFI driver corresponding to the first component/device is retrieved from a second memory device. The method further includes loading the previously validated UEFI driver.Type: GrantFiled: June 2, 2017Date of Patent: January 21, 2020Assignee: Dell Products, L.P.Inventors: Mukund P. Khatri, William C. Munger
-
Patent number: 10467439Abstract: A method, an information handling system (IHS) and a detection system for detecting tampering of memory contents. The method includes retrieving, via a board management controller (BMC), from a first memory device, a first hash associated with current first data such as a firmware image stored on the first memory device and retrieving, from a second memory device, a previously stored second hash associated with initial first data. The method further includes determining if the first hash and the second hash match. In response to the first hash and the second hash not matching, an error message is generated which indicates that the current first data of the first memory device has been tampered with. The error message is stored to an error log. The error message identifies the specific current first data and/or firmware image that has been tampered with. The method repeats periodically during runtime.Type: GrantFiled: July 5, 2017Date of Patent: November 5, 2019Assignee: Dell Products, L.P.Inventors: Mukund P. Khatri, William C. Munger
-
Patent number: 10467015Abstract: An information handling system includes a non-volatile memory device for storing basic input-output system (BIOS) firmware. The system also includes a service processor that is coupled to the first non-volatile memory. The service processor initiates access to the first non-volatile memory, and stores configuration information at the non-volatile memory device. The configuration information can include Unified Extensible Firmware Interface (UEFI) Human Interface Infrastructure (HII) strings.Type: GrantFiled: September 8, 2015Date of Patent: November 5, 2019Assignee: Dell Products, LPInventors: Sundar Dasar, Yogesh P. Kulkarni, William C. Munger, Mukund P. Khatri
-
Publication number: 20190018966Abstract: A method and an information handling system (IHS) for authenticating unified extensible firmware interface (UEFI) images in an IHS. The method includes receiving, by a processor of the IHS, a request to authenticate an image. The method also includes determining a type of the image and retrieving, from an entry within a UEFI signature database, a certificate utilized to sign the image. The method further includes determining a verification entry of a verification database of the HIS that corresponds to the entry of the UEFI signature database and identifying, from the verification entry, a particular type of image which the certificate may be used to authenticate. The method further includes determining whether the type of the image is the particular type. In response to determining the type of the image is the particular type, the method includes authenticating the image using the certificate.Type: ApplicationFiled: July 14, 2017Publication date: January 17, 2019Inventors: MUKUND P. KHATRI, WILLIAM C. MUNGER
-
Publication number: 20190012490Abstract: A method, an information handling system (IHS) and a detection system for detecting tampering of memory contents. The method includes retrieving, via a board management controller (BMC), from a first memory device, a first hash associated with current first data such as a firmware image stored on the first memory device and retrieving, from a second memory device, a previously stored second hash associated with initial first data. The method further includes determining if the first hash and the second hash match. In response to the first hash and the second hash not matching, an error message is generated which indicates that the current first data of the first memory device has been tampered with. The error message is stored to an error log. The error message identifies the specific current first data and/or firmware image that has been tampered with. The method repeats periodically during runtime.Type: ApplicationFiled: July 5, 2017Publication date: January 10, 2019Inventors: MUKUND P. KHATRI, WILLIAM C. MUNGER
-
Publication number: 20180349607Abstract: A method, information handling system (IHS) and a recovery system for recovering an IHS from a secure boot authentication failure. The method includes retrieving, via a processor from a first memory device, a first unified extensible firmware interface (UEFI) driver associated with a first component/device of the IHS. The method further includes determining, via a secure boot process, if the first UEFI driver is an authenticated UEFI driver. In response to determining that the first UEFI driver is not an authenticated driver, a previously validated UEFI driver corresponding to the first component/device is retrieved from a second memory device. The method further includes loading the previously validated UEFI driver.Type: ApplicationFiled: June 2, 2017Publication date: December 6, 2018Inventors: MUKUND P. KHATRI, WILLIAM C. MUNGER
-
Publication number: 20180349604Abstract: A method, an information handling system (IHS) and a detection system for detecting runtime tampering of unified extensible firmware interface (UEFI) images in an IHS. The method includes retrieving, via a board management controller (BMC) from a first memory device, a first UEFI driver associated with a first component of the IHS. The method also includes generating a first hash of the first UEFI driver and retrieving, from a second memory device, a second hash associated with an initial first UEFI driver of the first component of the IHS. The method further includes determining if the first hash and the second hash match and in response to the first hash and the second hash not matching, generating an error message that indicates detection of runtime tampering with the first UEFI driver and storing the error message to an error log. The matching of the first hash and the second hash indicates that no runtime tampering of the UEFI drivers and images has been detected.Type: ApplicationFiled: June 2, 2017Publication date: December 6, 2018Inventors: MUKUND P. KHATRI, WILLIAM C. MUNGER