UEFITool / UEFIExtract / UEFIFind NE A70 : A Major Release

The latest version of UEFITool / UEFIExtract / UEFIFind, labeled as NE A70, marks a significant milestone in the evolution of these tools.

Released on March 13, 2025, this version transitions from hand-crafted parsers to those generated using the KaitaiStruct declarative DSL for all NVRAM parsers.

This shift enhances the tools’ efficiency and accuracy in handling complex binary data structures.

Key Features And Improvements

KaitaiStruct Integration:
- The use of KaitaiStruct allows for more robust and maintainable parsing of binary formats. This DSL simplifies the process of describing and parsing complex binary structures, making it easier to focus on data interpretation rather than the intricacies of binary parsing.
macOS Compatibility:
- The macOS applications are now ad-hoc signed, improving compatibility with modern macOS systems. This change reduces potential issues with macOS security policies, making the tools more user-friendly on Apple devices.
Insyde H2O Support:
- Added support for Insyde H2O FlashDeviceMap and new types of protected ranges stored in the flash area. This enhancement expands the tools’ capabilities in handling firmware components from Insyde, a leading UEFI firmware provider.
GUID Database Updates:
- The GUID database has been updated, ensuring that the tools can recognize and interpret a broader range of GUIDs used in UEFI firmware. This update is crucial for accurate parsing and analysis of UEFI components.
FFS Volume Detection:
- The tools now support detecting FFS (Firmware File System) volumes inside NVRAM volumes. This feature is particularly useful for analyzing and modifying firmware components stored in these volumes.

The UEFITool / UEFIExtract / UEFIFind NE A70 release represents a significant step forward in UEFI firmware analysis and modification.

By leveraging KaitaiStruct and incorporating new features and updates, these tools offer improved performance and functionality for users working with UEFI firmware.

Whether you’re a developer, researcher, or enthusiast, this release provides valuable enhancements for exploring and manipulating UEFI components.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.