MBR
MBR is a legacy disk partitioning and boot mechanism that stores boot code and partition information at the beginning of a storage device.
What is MBR?
The Master Boot Record (MBR) is a legacy disk structure located in the first sector of a storage device (sector 0). It contains:
- Boot code used to start the operating system
- Partition table describing how the disk is divided
- Boot signature identifying the disk as bootable
MBR was the standard boot mechanism for PCs for decades.
Why MBR matters
MBR matters because it:
- Defined early PC boot processes
- Is still present in legacy systems
- Explains limitations of older disk layouts
- Plays a role in boot-level security threats
- Helps understand modern replacements like GPT
Many compatibility and recovery scenarios still involve MBR.
How MBR works (simplified)
- System firmware (BIOS) reads the MBR from disk
- MBR boot code is executed
- Bootloader locates the active partition
- Control is passed to the OS boot process
MBR relies on BIOS-based booting.
MBR structure
The MBR is divided into:
- Bootloader code (first 446 bytes)
- Partition table (64 bytes, up to 4 entries)
- Boot signature (2 bytes:
0x55AA)
This fixed structure limits flexibility.
Limitations of MBR
MBR has several well-known limitations:
- Maximum disk size of 2 TB
- Maximum of 4 primary partitions
- No built-in redundancy
- Single point of failure
- Weak security model
These limitations drove the adoption of GPT.
MBR vs GPT
| Aspect | MBR | GPT |
|---|---|---|
| Max disk size | 2 TB | Very large (theoretical) |
| Partitions | 4 primary | Many |
| Redundancy | None | Partition table copies |
| Firmware | BIOS | UEFI |
| Security | Limited | Supports Secure Boot |
GPT is the modern standard.
MBR and security risks
From a security perspective, MBR:
- Can be targeted by bootkits and rootkits
- Executes code before the OS loads
- Is difficult to monitor with traditional tools
- Lacks integrity verification
MBR-based malware can persist stealthily.
MBR in modern environments
Today, MBR is mainly found in:
- Legacy BIOS-based systems
- Older operating systems
- Compatibility or recovery scenarios
- Removable media and utilities
Most modern systems use UEFI + GPT.
Migration considerations
Migrating from MBR to GPT:
- Enables larger disks
- Improves reliability
- Supports Secure Boot
- May require firmware and OS compatibility checks
Migration should be planned carefully to avoid data loss.
Common misconceptions
- "MBR supports modern large disks"
- "MBR and GPT are interchangeable"
- "MBR is secure by default"
- "MBR is still recommended for new systems"