• Gigabyte releases fix for motherboard security flaws, so patch no

    From TechnologyDaily@1337:1/100 to All on Tue Jun 6 10:45:03 2023
    Gigabyte releases fix for motherboard security flaws, so patch now

    Date:
    Tue, 06 Jun 2023 09:30:37 +0000

    Description:
    The updater can no longer be abused to push malware, the company confirms.

    FULL STORY ======================================================================

    Taiwanese hardware giant Gigabyte has issued a patch for a security flaw that allowed threat actors to push malware through the devices' firmware. In total, more than 270 motherboard models were affected by the flaw.

    Less than a week ago, cybersecurity researchers from Eclypsium reported finding a flaw in how the motherboards handled firmware updates. The devices had a hidden mechanism that quietly runs an updater program that connects to
    a remote server, and downloads and runs software.

    The updater was said to have been implemented insecurely, potentially
    allowing threat actors to hijack it and have it download and install malware. As this would put the malware in the motherboard's firmware, it would persist even after the hard drive was replaced.

    Enhanced protection

    Soon after the news broke, Gigabyte released a fix, addressing firmware updates for Intel 400/500/600/700 and AMD 400/500/600 series motherboards.

    "To fortify system security, GIGABYTE has implemented stricter security
    checks during the operating system boot process. These measures are designed to detect and prevent any possible malicious activities, providing users with enhanced protection," the company said in an announcement.


    This enhanced protection includes signature verification and privilege access limitations. That means that the files being downloaded through the updater will be checked for integrity and legitimacy, making it more difficult to abuse the tool to drop malware. Furthermore, the updater now features
    standard cryptographic verification of remote server certificates, guaranteeing the files are only downloaded from pre-approved servers.

    Even though the risk of the flaw being abused to drop malware is relatively small, Gigabyte still advises all of its users to apply the latest firmware
    as soon as possible. Those who would rather remove the company's auto-update feature should turn off the "APP Center Download & Install Configuration" setting in the BIOS, and then uninstall the software in Windows, BleepingComputer writes.

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/gigabyte-releases-fix-for-motherboard-security-flaws-so-patch-now


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)