What is BIOS and how does it work?

Before your desktop shows icons and wallpaper, your computer runs a hidden startup sequence. BIOS powers this routine.

BIOS (Basic Input/Output System) is firmware that prepares your hardware and boots your operating system. It connects hardware and software, ensuring they communicate properly. It secures your system and manages performance. 

This guide explains what BIOS is, how it works, and why it matters.

What is BIOS?

BIOS (Basic Input/Output System) is firmware stored on a motherboard chip that initializes hardware during the boot process. It executes a Power-On Self-Test (POST), identifies the bootloader, and manages data flow between the operating system (OS) and peripheral devices.

Early history of BIOS

Computer scientist Gary Kildall created BIOS in 1975 for his CP/M operating system. In 1981, IBM built its own BIOS for the IBM PC.

Other companies like AMI and Phoenix Technologies reverse-engineered IBM's BIOS to create compatible versions. This led to the PC clone market and explosive industry growth.

Early BIOS lived on read-only memory (ROM) chips. Later, reprogrammable chips like EPROM and flash memory made updates easier. Eventually, BIOS limitations led to UEFI—a faster, more secure replacement.

What is the purpose of BIOS?

BIOS initializes and tests system hardware to ensure essential components work. Then it identifies a boot device, loads its boot sector, and hands control to the bootloader, which loads the operating system.

BIOS also provides an abstraction layer for hardware. Without it, the OS would need exact specifications for every keyboard, mouse, hard drive, and graphics card brand. BIOS translates OS instructions into low-level commands each hardware component understands.

How does BIOS work?

Here is a quick rundown of how BIOS works in a sequential order:

• Power-up: The CPU locates the BIOS in non-volatile motherboard memory.

• POST: The firmware runs diagnostics on the CPU, RAM, and storage controllers.

• Hardware Initialization: The system readies the keyboard, display, and storage for use.

• Boot Selection: BIOS identifies the primary boot device based on the pre-configured order in CMOS settings.

• Loading: The firmware reads the 512-byte Master Boot Record (MBR) or EFI System Partition (ESP) into memory.

• Handoff: Control passes to the OS kernel to complete system initialization.

Additional read: A guide to high-quality network design for MSPs

What are the different types of BIOS?

Mainly, there are two primary types of system firmware: Legacy BIOS and UEFI. BIOS, as we know, is the original firmware, and UEFI is the modern replacement with advanced features. Here, we discuss how firmware has evolved, from the text-based Legacy BIOS to the UEFI and some of its equivalents.  

1. Legacy BIOS

Legacy BIOS refers to the original BIOS interface that was used in older PCs and stored on ROM. It performs hardware initialization sequentially and uses the Master Boot Record (MBR) for the boot process.

2. Extensible Framework Interface (EFI)

Originally developed by Intel in the late 1990s and early 2000s, EFI allowed modular firmware architecture, enhanced boot management, and better hardware abstraction. It also provided a more scalable and flexible pre-operating system environment.

3. Unified Extensible Firmware Interface (UEFI)

UEFI is the modern evolution of EFI, standardized and maintained by the UEFI Forum. It has largely replaced legacy BIOS and EFI in modern PCs, bringing improvements such as Secure Boot, faster parallel initialization of hardware, and comprehensive support for large drives via GPT.

4. Mac equivalent

For Apple Mac systems, the equivalent BIOS firmware interface was Open Firmware, based on the Open Firmware standard created by Sun Microsystems and other industry partners. It provided hardware initialization and boot management, similar to BIOS, on Mac PCs. But when Apple transitioned to Intel processors in 2006, it replaced Open Firmware with EFI. On Apple Silicon Macs, iBoot, a secure bootloader, further replaces EFI. 

What are the key functions of BIOS?

From testing and initializing hardware to loading the operating system, BIOS carries out its work through four key functions. Let us take a detailed look at each of these functions.

1. Power-On Self-Test (POST)

During POST, BIOS verifies essential hardware components through diagnostic tests.

BIOS tests your processor first. Then it fetches and executes its own code from ROM or flash memory, checking for corruption. RAM gets scanned for errors. Essential peripherals like your keyboard and hard drive are checked. BIOS compares system settings with data stored in CMOS memory, which holds your system's hardware configuration.

If errors occur, BIOS stops the boot process immediately. You'll see an error message on screen or hear beep codes.

2. Bootstrap loader

After POST completes, BIOS locates and loads the operating system's bootloader from storage into memory.

BIOS checks storage devices, hard drives, SSDs, USB drives—in a pre-configured order you can change in BIOS settings. Once it finds a bootable device, it looks for the boot sector. On MBR drives, this is the first sector of the disk.

BIOS reads this boot sector code and loads it into memory. Then it hands control to the bootloader, Windows Boot Manager or GRUB for Linux—which loads the full operating system.

3. BIOS drivers

BIOS drivers are small programs stored in BIOS ROM. They let the CPU communicate with basic hardware, keyboard for input, video card for display, and hard drives for storage.

These drivers are extremely basic. They provide just enough functionality to complete the boot process. Once the OS loads, it replaces them with comprehensive drivers that enable full hardware functionality.

4. BIOS (CMOS) setup

BIOS also includes a CMOS setup interface where users can configure hardware-level options such as system clock, boot order, and security settings. These configuration options are saved in a small Complementary Metal-Oxide-Semiconductor (CMOS) memory chip on the motherboard.

Additional read: 4 ways intelligent alerting can transform your MSP business

Why is BIOS so important?

BIOS acts as your computer's initial brain. Without it, your system wouldn't know how to start, what hardware is connected, or how to load the operating system.

• Verifies hardware works properly and locates the boot device.

• Protects systems from security threats through regular updates.

• Gives IT professionals granular control over hardware settings to improve speed, reliability, and scalability.

Learn how Peak Technology doubled its efficiency with SuperOps. Read Here

How to update BIOS safely?

BIOS updates patch security holes, add hardware support, and improve stability. But if an update gets interrupted, your motherboard can become unusable.

1. Check version and download the right file

Check your current BIOS version in system settings. Go to your manufacturer's website and enter your exact model number. Download only the file that matches your hardware. Read what the update fixes before proceeding.

2. Prepare your system

Use a UPS or ensure stable power. Close all programs. Turn off antivirus temporarily. Back up your data.

3. Pick an update method

Run the manufacturer's Windows utility from your desktop. Or use the flash utility inside BIOS setup. The safest option: boot from a USB drive with the BIOS file on it.

4. Run the update and verify

Don't turn off your computer during the update. Let it finish completely, even if it looks frozen. The system will restart on its own. After restart, enter BIOS setup and confirm the new version installed. Reconfigure your settings if needed.

5. When to update (and when not to)

Update when security patches are released, you need new CPU or RAM support, hardware problems persist, or the manufacturer says it's critical.

Skip updates when your system works fine, the update only adds features you won't use, or you can't guarantee steady power.

How does BIOS keep systems secure?

The BIOS is not just about getting your system started; it is also your computer’s initial line of defense. It sets the rules for security long before the operating system even starts to load.

Key security features of a BIOS include:

• BIOS passwords: A BIOS password can be set to protect the firmware's settings and to prevent the system from booting entirely without a valid password. This provides a basic layer of protection against unauthorized access.

• Boot order control: By controlling the boot order, a BIOS can prevent an unauthorized user from booting from a removable device (like a USB drive) and gaining access to data or installing a different operating system.

• Trusted Platform Module (TPM) support: On some motherboards, the BIOS can be configured to work with a TPM, a dedicated hardware chip that stores cryptographic keys. This enables features like full-disk encryption (e.g., BitLocker in Windows) by securely tying the encryption keys to the specific hardware.

• Secure Boot: A feature of UEFI, the modern firmware, Secure Boot ensures that only signed and trusted bootloaders or operating systems can run. This prevents malware or unauthorized software from loading before the OS, strengthening the overall security of the system.

Additional read: Maximizing security and efficiency with the SuperOps and ESET integration

What is the difference between BIOS and UEFI?

UEFI is a modern firmware interface that is designed to replace legacy BIOS. While both perform the same basic function of preparing a computer to boot an operating system, UEFI offers many advancements over the decades-old BIOS architecture. Let us understand their differences with the help of this table. 

Additional read: Know your storage formats - key differences between NTFS and FAT

How to access BIOS?

You can access the BIOS setup using different methods. Here are the most common ways to access BIOS on your devices:

1. Using the BIOS setup key during startup

• Turn on or restart your computer.

• Press the BIOS setup key repeatedly immediately after powering on until the BIOS menu appears.

• The exact key might depend on your computer or motherboard brand (e.g., F2 or Del for Asus, F10 for HP, F12 for Dell, F1 or F2 for Lenovo).

2. Access BIOS via Windows Settings

• Open Settings > System > Recovery. For Windows 10 users, go to Settings > Update & Security > Recovery.

• Under Advanced Startup, click Restart now. Your system will reboot to a special menu.

• When the computer restarts, select Troubleshoot, then Advanced options, then UEFI Firmware Settings.

• Click Restart to boot directly into BIOS.

3. Restart with the Shift key

• In Windows, hold the Shift key and click Restart from the Start menu or power options.

• The system reboots to the Advanced Startup Options menu.

• Select Troubleshoot > Advanced options > UEFI Firmware Settings.

• Click Restart to enter BIOS.

What are the uses of BIOS?

Once inside the BIOS Setup Utility, you can use the menu to view system information, modify hardware configurations, and enable/disable certain features. It can be used to:

• Change the boot order.

• Restore the manufacturer’s default settings in case of misconfiguration.

• Update the firmware by using built-in update tools or utilities provided by the manufacturer.

• Change the drive and memory setting.

• See the total memory installed, including speed and slot usage.

• Adjust cooling profiles for better temperature management.

• Monitor real-time system health.

• Observe voltage readings for CPU, RAM, and motherboard components.

Additional read: Benefits of having network monitoring together with your unified platform

What are common BIOS errors and their fixes?

Common BIOS error codes are typically signaled through beeps or on-screen messages. In addition to that, you may encounter issues like a boot loop, update issues, or a BIOS crash and freeze. All these errors and their fixes are discussed below. 

1. Failed to overclock error

This error often appears when BIOS settings have been cleared or when an overclock attempt fails. Overclocking RAM or CPU pushes hardware beyond its design limits, increasing heat and potentially damaging components.

Fix: Restore BIOS settings to optimized defaults by loading a pre-saved BIOS profile or resetting BIOS to defaults.

2. Short beeps

BIOS beep codes are audio signals that indicate hardware problems during POST. The pattern and number of beeps vary by manufacturer (AMI, Award/Phoenix, IBM). Here's a comprehensive reference:

AMI BIOS Beep Codes:

• 1 beep: DRAM refresh failure - RAM issue

• 2 beeps: Parity circuit failure - RAM parity error

• 3 beeps: Base 64KB RAM failure - First 64KB of RAM failed

• 4 beeps: System timer failure - Motherboard timer chip issue

• 5 beeps: Processor failure - CPU not functioning

• 6 beeps: Keyboard controller failure - Keyboard chip error

• 7 beeps: Virtual mode exception error - CPU issue

• 8 beeps: Display memory error - Graphics card RAM failure

• 9 beeps: ROM checksum error - BIOS chip corrupted

• 10 beeps: CMOS shutdown register error - Motherboard issue

• 11 beeps: Cache memory error - L2/L3 cache failure

Award/Phoenix BIOS Beep Codes:

• 1 long, 2 short: Video card error - GPU or connection issue

• 1 long, 3 short: Video card error - No video card or failure

• Continuous beeping: RAM or video card not seated properly

• Repeating short beeps: Power supply or motherboard failure

• 1 long, 1 short: Motherboard issue

• High-low siren: CPU overheating or failure

IBM BIOS Beep Codes:

• No beep: Power supply or motherboard failure

• Continuous beep: Power supply issue

• Repeating short beeps: Power supply or motherboard

• 1 short beep: Normal POST - system OK

• 2 short beeps: POST error - check screen for code

Check and replace the RAM or the motherboard if faulty. For video errors, reseat or replace graphics card. For CPU errors, check cooling and reseating.

3. BIOS boot loop (Constant restarting)

This happens when the PC powers on, shows a logo or fan noise, but then restarts repeatedly without booting into Windows. This can happen when your system has corrupted BIOS settings or failed overclocking attempts, or incompatible new hardware like RAM or CPU.

Fix: Perform a CMOS reset by removing the motherboard battery for 5 minutes or using the CMOS jumper. If a BIOS update causes this issue, reflash the BIOS using a recovery tool or the USB flashback feature. 

Always update BIOS with stable power to avoid interruptions.

4. BIOS not detecting boot drive

When the BIOS does not find the bootable drive, you can face “No bootable device” errors. This can be due to loose cables, inaccurate boot priority, physical drive failure, or SATA port disabling (e.g., when using M.2 SSDs).

Fix: Enter BIOS settings and verify the drive is detected under Storage/Boot options. You can try checking the physical connections and changing SATA ports if applicable..

5. BIOS freezing or crashing

If the BIOS menu is unresponsive or the system freezes during the POST, this can be due to a corrupted BIOS firmware, faulty RAM, a failing motherboard, or defective peripherals.

Fix: Disconnect non-essential USB devices, test RAM sticks one by one, and if available, use dual BIOS recovery features or reflash BIOS. You may need to replace the motherboard if the hardware is failing.

6. Stuck on “Press F1 to Continue” screen

BIOS halts with this prompt due to detected but unresolvable issues, for example, CMOS checksum errors from a weak battery, improper boot device settings, or fan sensor errors.

Fix: Replace the CMOS battery if the clock resets, set the boot devices correctly, disable faulty fan sensors in BIOS hardware monitoring, and save changes before exiting.

7. BIOS password problems

Lost or forgotten BIOS passwords can lock you out of BIOS settings or prevent system boot.

Fix: Reset the CMOS by removing the battery or clearing the jumper. For branded systems, manufacturer master passwords may be needed, requiring contact with support.

8. Failed BIOS update

A partial or interrupted BIOS update can brick the motherboard or cause boot failure.

Fix: Use the built-in BIOS recovery or Flashback functions, if available, by connecting a USB drive with the correct BIOS file. If this does not work, then, as a last resort, professional reprogramming of the BIOS chips may be necessary.

Additional read: Mistakes to avoid when creating backups

What are common BIOS configuration settings and their impact?

Here are some of the system settings you can configure from the BIOS setup:

1. Boot order / Boot priority

Controls which device the PC tries to boot from first (e.g., hard drive, USB, optical drive). Setting your primary OS drive first speeds up boot time and prevents boot failure from incorrect devices.

2. System date and time

Ensures the internal clock is accurate, which affects file timestamps, logs, and security certificates.

3. CPU settings

Includes enabling/disabling CPU cores, hyper-threading, virtualization support, and overclocking. Overclocking usually boosts CPU speed but might increase heat and power usage, which increases the risk of instability if not done carefully.

4. Memory settings

Adjust RAM speed, timings, and enable features like XMP (Extreme Memory Profile) for optimized performance.

5. Power management

Configures system power-saving features, sleep modes, and actions related to power button presses, affecting energy consumption and responsiveness.

6. Security settings

Set BIOS passwords to prevent unauthorized changes, enable Secure Boot to protect boot integrity, and disable unused ports or devices for enhanced security.

7. Integrated peripherals

Enable or disable onboard devices like audio, USB controllers, network adapters, or legacy ports, impacting hardware availability.

8. Fan control and thermal monitoring

Adjust fan speeds and temperature thresholds to balance cooling performance with noise levels.

9. SATA Mode

Determines how storage drives communicate with the system. AHCI enables modern features like hot-swapping and NCQ, improving SSD performance.

10. Quick boot and POST settings

This enables faster boot by skipping certain hardware tests, but disabling these can help with troubleshooting hardware issues.

Additional read: How to use Windows Command Prompt: The ultimate guide

11. Virtualization technology (Intel VT-x / AMD-V)

Enables hardware-level virtualization support required for running virtual machines (VMs) using software like VMware, VirtualBox, or Hyper-V. When disabled, VM performance suffers or VMs won't run at all. Essential for developers, IT professionals, and anyone running multiple operating systems.

12. Intel Management Engine (ME) / AMD Platform Security Processor (PSP)

Embedded subsystem that operates independently of the main CPU and OS, providing remote management capabilities, hardware-level security features, and system monitoring. Can be partially disabled in some BIOS implementations for privacy-conscious users, though some functionality may be lost.

13. Legacy USB Support

Allows USB keyboards and mice to function in environments that don't have native USB drivers, such as DOS or during OS installation. Disable this on modern systems to reduce attack surface and improve boot times, unless you need USB input during legacy OS installation.

How to secure your BIOS?

Due to its low-level access to hardware, BIOS presents a prime target for sophisticated attacks. Hackers can directly target the BIOS to introduce malicious code in the system. In fact, the importance of BIOS security has been highlighted by several notable incidents. 

For example, in a Cylance demonstration, security researchers showed how attackers could manipulate the BIOS to disable crucial security features, allowing malware to survive a complete operating system reinstall. 

Moreover, the Plundervolt attack revealed a vulnerability in Intel's CPUs that allowed attackers to manipulate voltage settings to bypass security protections within the CPU's firmware, clearly showing that even low-level hardware can be a vector for attack. 

Understanding BIOS-level threats

BIOS runs below the operating system, making it a target for persistent, hard-to-detect malware. Primary threats include:

• Rootkits and bootkits: Malicious programs that infect firmware directly. They survive OS reinstalls, disk formatting, and antivirus scans. The Hacking Team UEFI rootkit (2015) maintained persistent control over infected systems.

• Firmware implants: Nation-state actors deploy firmware-level implants that traditional security tools can't detect. LoJax malware (2018) was the first documented UEFI rootkit used in real attacks against government organizations.

• BIOS downgrade attacks: Attackers install older firmware versions with known vulnerabilities, then exploit those flaws to gain persistent access.

• Side-channel attacks: Advanced attacks like Plundervolt manipulate voltage settings at the firmware level to bypass CPU security features like Intel SGX.

• Supply chain attacks: Compromised firmware introduced during manufacturing or through fake BIOS updates. Once installed, malicious firmware is extremely difficult to detect and remove.

What are best practices to keep BIOS safe?

Here are some of the best practices you can follow to keep your BIOS safe:

• Set strong BIOS passwords: Use strong passwords that include uppercase, lowercase, numbers, and special characters. Also, change your passwords periodically and keep them secure.

• Enable Secure Boot: Secure Boot, a UEFI feature, ensures only trusted, signed bootloaders and operating systems can load during startup, preventing bootkits and rootkits. It also blocks unauthorized or malicious software from running at the boot level.

• Keep BIOS firmware updated: Regularly check for and apply BIOS updates from your hardware or motherboard manufacturer. Updates include patches for vulnerabilities and improve system security and stability. Use official sources to update the BIOS and follow the vendor's instructions carefully.

• Restrict physical access: Prevent unauthorized physical access to your computer or motherboard. Use chassis locks or store systems in secure locations since physical access can allow BIOS tampering or resetting of passwords.

• Configure BIOS to limit boot devices: Set BIOS to boot only from trusted devices, disabling booting from unauthorized USB drives or external media. This reduces the risk of booting from malicious devices.

Additional read: Crank up platform security with password policy, IP whitelisting, 2FA, and more

Final thoughts

From initializing critical computer hardware to handing control over to the operating system, BIOS ensures your system starts smoothly without any hiccups. Just as important is its role as the first gatekeeper of your system’s security. 

Keeping your BIOS secure means following a few best practices: updating firmware regularly, enabling built-in security features, setting strong administrative passwords, and restricting unauthorized access. These steps ensure that the foundation of your system remains stable and uncompromised. 

But in modern IT environments, manual oversight is not enough. That is where platforms like SuperOps can be of great value. With its powerful endpoint management and security capabilities, SuperOps allows IT teams to proactively monitor devices using remote access, automate routine fixes in real time, and enforce compliance from a single, centralized platform, keeping systems secure, efficient, and free from disruptions. 

Book a demo now.