Gigabyte is one of the most popular motherboard manufacturers, making some of the best gaming and non-gaming boards out there. Unfortunately, if you own one of the company’s boards, you might want to secure yourself against a backdoor that was just discovered.
Eclypsium, a cybersecurity firm specializing in firmware, has brought to light an alarming discovery regarding Gigabyte motherboards. These motherboards, according to the firm, hide a mechanism within their firmware. Upon rebooting your PC, this mechanism will activate an updater program embedded in the motherboard’s firmware, which will download and execute additional software.
This is intended so Gigabyte’s motherboards always stay updated, and the motherboard maker intends no harm by adding this. The problem, however, is not the tool itself, but rather, that because of the way it’s implemented, it can be potentially hijacked by a malicious actor who could then download malware into your motherboard.
What can you do? Really, nothing. It’s a process that happens outside of the limits of your operating system, so the only fix is for Gigabyte to release a BIOS update removing this updater program, or fixing whatever vulnerability would allow a hacker to get in.
If you’re worried about being potentially vulnerable, you should read through the full list of affected motherboards to see if yours is affected. In total, 271 models have been identified to be affected. And if you’ve been on the market for a new motherboard, maybe avoid Gigabyte for now.
Source: Wired
