Can a virus hide in a PCs CMOS memory?
No. The CMOS RAM in which PC system information is stored and backed up by batteries is accessible through the I/O ports and not directly addressable. That is, in order to read its contents you have to use I/O instructions rather than standard memory addressing techniques. Therefore, anything stored in CMOS is not directly “in memory”. Nothing in a normal machine loads the data from CMOS and executes it, so a virus that “hid” in CMOS RAM would still have to infect an executable object of some kind in order to load and execute whatever had been written to CMOS. A malicious virus can of course alter values in the CMOS as part of its payload, but it can’t spread through, or hide itself in, the CMOS. Further, most PCs have only 64 bytes of CMOS RAM and the use of the first 48 bytes of this is predetermined by the IBM AT specification. Several BIOS’es also use many of the “extra” bytes of CMOS to hold their own, machine-specific settings. This means that anything that a virus stores in CMOS