Francais | English | Espanõl

From Wikipedia, the free encyclopedia

A boot sector is a sector of a hard disk, floppy disk, or similar data storage device that contains code for bootstrapping programs (usually, but not necessarily, operating systems) stored in other parts of the disk.

[edit] Kinds of boot sectors

There are two major kinds of boot sectors:

• A Volume Boot Record is the first sector of a data storage device that has not been partitioned, or the first sector of an individual partition on a data storage device that has been partitioned. It contains code to load and invoke the operating system (or other standalone program) installed on that device or within that partition. It is required to have two bytes (0x55AA) called boot sector signature at the end of the sector to be a valid boot sector; either BIOS software or MBR code would report an error message and hang up the operating system loading process otherwise.
• A Master Boot Record is the first sector of a data storage device that has been partitioned. It contains code to locate the active partition and to invoke its Volume Boot Record.

On IBM PC compatible machines, the BIOS is ignorant of the distinction between VBRs and MBRs, and of partitioning. The firmware simply loads and runs the first sector of the storage device. If the device is a floppy disk, that will be a VBR. If the device is a hard disc, that will be an MBR. It is the code in the MBR that understands disc partitioning, and that is responsible for in turn loading and running the VBR of the active (primary) partition.

[edit] Boot sectors and computer viruses

Boot sectors are one mechanism by which computer viruses gain control of a system. Boot sector infector viruses replace the bootstrap code in the boot sectors (of floppy disks, hard disks, or both) with viral code.

As well as being ignorant of whether a disk has been partitioned, the BIOS on IBM PC compatible machines is also ignorant of whether a disk has in fact been high-level formatted and had an operating system installed in it. The error message displayed when a machine is bootstrapped from a disk without an operating system installed on it (asking the user to insert a bootable disk and press a key) is in fact displayed by code in the boot sector itself, not by the machine firmware.

This results in a security vulnerability. A user who sees the error message may not be aware that the code in the boot sector of the disk has already been run by that point, and that if the disk was infected by a boot-sector computer virus, the virus will have already gained control of the machine. Because of this vulnerability, computer security experts tend to recommend that booting from devices other than the one containing the installed operating system, such as removable media devices (e.g. floppy disk devices, CD-ROMs, and USB flash drives), be disabled in normal operation via the BIOS setup utility, and only re-enabled on those specific occasions when booting from such devices is actually required.

[edit] External links

• Mary Landesman. Boot sector viruses.
• Microsoft. How to Protect Boot Sector from Viruses in Windows. KnowledgeBase.
• Denny Lin. Inexpensive boot sector virus detection and prevention techniques.
• Kaspersky Lab. Boot sector viruses. Virus Encyclopedia / Malware Descriptions / Classic Viruses.
• Arman Catacutan. Glossary of Virus Terms. Boot Viruses.ar:قطاع الإقلاع

it:Boot sector pl:Sektor rozruchowy vi:Boot sector zh:引导扇区