According to SlashGear , in a blog post detailing the issue, Eclypsium revealed that a security flaw with Gigabyte motherboards was found in the firmware. While there have been no reports of anyone using the vulnerability to cause intentional damage, the fact that the vulnerability affects the motherboard's automatic update function is concerning. Eclyspium describes the vulnerability as a backdoor that has been undetected for years and found on some Gigabyte motherboards.
Security vulnerability discovered in 257 motherboard models of Taiwanese manufacturer
The issue lies in flaws in Gigabyte’s updater, a key feature on motherboards. It is triggered when the motherboard attempts to connect to a Gigabyte server to look for a new firmware version, where the updater pings three different websites for the updated version of the firmware. One of these websites does not have an SSL certificate and is completely unsecured, the researchers said. In the case of the other two links, despite having valid security certificates, Gigabyte is said to have failed to properly implement the remote server certificate.
The irony here is that firmware updates are typically used to fix vulnerabilities and security threats. However, in this case, the way the company was deploying the firmware update exposed millions of users to serious security threats. In fact, Eclypsium said the update executed various code without proper user authentication.
As for the motherboards affected by the vulnerability, Eclypsium identified 257 models that were manufactured and sold to consumers by Gigabyte over the past few years. Among those affected are Gigabyte's latest Z790 and X670 models, alongside a long list of boards from AMD's 400-series machines.
Since the vulnerability is at the BIOS level, it can be difficult for the average user to avoid the threat. However, Eclypsium has shared some tips with users to explain how to stay safe from any potential issues caused by the vulnerability. To start, the company recommends disabling a feature called “APP Center Download & Install” in the motherboard BIOS, as well as applying a password to the feature. This will prevent the BIOS from performing automatic firmware update checks without user intervention.
Gigabyte has acknowledged the issue in a press release. In fact, the company has already started rolling out beta versions of the BIOS to fix the bug. Gigabyte's latest Intel 700/600 series and AMD 500/400 series motherboards are the first to receive the updated firmware. Gigabyte also said that a BIOS update for Intel 500/400 and AMD 600 series motherboards is planned.
Source link
Comment (0)