A method and system for hardening a firmware environment. A trusted core
framework of firmware components is segregated from initially
non-trustworthy extended firmware components such that the trusted core
components are executed in a privileged processor mode, while the
extended firmware components are executed in a non-privileged processor
mode. An authentication of each extended firmware component is made to
determine whether it is secure or non-secure. Through a memory code fault
mechanism, memory accesses made by the extended firmware components are
trapped, and a determination is made as to whether the memory accesses
should be allowed based on whether the extended firmware component is
secure or non-secure and whether the requested memory page was allocated
by the trusted core or a secure extended firmware component. This
segregation scheme prevents non-trusted firmware from accessing
privileged memory, thereby preventing rogue, errant, or malicious
firmware from damaging the trusted core framework.
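
The access decision described above can be sketched as the check a fault handler would run on each trapped access. This is an added example, not code from the original text. The type and function names, the 4 KiB page size, the constructed page table, and the policy details (secure components may touch pages allocated by the trusted core or by secure components, non-secure components may touch only pages allocated by non-secure components, untracked pages are denied) are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12          /* assumed 4 KiB pages */
#define NUM_PAGES  8           /* toy address space for the example */

/* Who allocated a page (hypothetical names). */
typedef enum { OWNER_FREE, OWNER_TRUSTED_CORE, OWNER_SECURE_EXT,
               OWNER_NONSECURE_EXT } page_owner_t;

/* Outcome of authenticating an extended firmware component. */
typedef enum { EXT_NONSECURE, EXT_SECURE } ext_class_t;

/* Constructed ownership table: pages 0-1 core, 2 secure, 3 non-secure. */
static page_owner_t page_owner[NUM_PAGES] = {
    OWNER_TRUSTED_CORE, OWNER_TRUSTED_CORE, OWNER_SECURE_EXT,
    OWNER_NONSECURE_EXT, OWNER_FREE, OWNER_FREE, OWNER_FREE, OWNER_FREE
};

/* Record which party allocated a page; refuses to re-own a live page. */
bool track_alloc(size_t page, page_owner_t owner)
{
    if (page >= NUM_PAGES || page_owner[page] != OWNER_FREE)
        return false;
    page_owner[page] = owner;
    return true;
}

/* Decision taken when an extended component's access is trapped. */
bool fault_allows_access(ext_class_t cls, uintptr_t addr)
{
    size_t page = (size_t)(addr >> PAGE_SHIFT);
    if (page >= NUM_PAGES)
        return false;                    /* untracked address: fail closed */
    switch (page_owner[page]) {
    case OWNER_TRUSTED_CORE:
    case OWNER_SECURE_EXT:
        return cls == EXT_SECURE;        /* privileged page (assumed policy) */
    case OWNER_NONSECURE_EXT:
        return true;                     /* non-privileged page */
    default:
        return false;                    /* unallocated page: fail closed */
    }
}

int main(void)
{
    printf("non-secure -> core page: %d\n", fault_allows_access(EXT_NONSECURE, 0x1abc));
    printf("secure -> core page: %d\n", fault_allows_access(EXT_SECURE, 0x1abc));
    return 0;
}
```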