The BIOS is the firmware that performs hardware initialization during the booting process (power-on startup). It is preinstalled on a motherboard, and is held in ROM or another non-volatile medium (such as flash memory). It is the first software to run when powered on, and is responsible for detecting, starting up, and testing hardware and loading the boot loader, which will then initialize the operating system. The classic blue CMOS setup/BIOS screen is shown in the following screenshot, and can be used to apply settings (such as system times) before the operating system is even initiated. This can be password-protected to help protect the system, but is often easily overridden by a CMOS battery pull (to clear memory) or via a jumper on the board:
In the MS-DOS (and therefore also the early Windows systems), the BIOS provided the control layer for the keyboard, display, and other devices, providing a standardized interface for the operating system and application programs, regardless of any differences in the physical hardware. This platform is now provided by the operating system, so the BIOS is only really required to find and load the operating system, initialize the hardware, and then hand over control.
When booting, the BIOS looks to the Master Boot Record (MBR) to point it to the location of any operating systems that are present. The BIOS is an often overlooked security vulnerability, perhaps due to its historical position in ROM (and therefore uneditable). The Mebromi rootkit changed this. Discovered in 2011, it set out to plant itself inside the BIOS in order to corrupt the system's MBR and make the target system inoperable.