Gigabyte rolls out update to fix dangerous backdoor in its motherboards

Download and install the new firmware as soon as possible if your motherboard is affected by the vulnerability.

Gigabyte has released an update to fix a potentially dangerous security flaw in its motherboard firmware. The update is available on the official Gigabyte site for Intel 700/600/500/400 series and AMD 600/500/400 series motherboards. The company says it has conducted thorough testing and validation of the new BIOS before rolling it out to the public, meaning it should be safe to install right away. People with any of the affected motherboards should download the new firmware immediately to mitigate any risk.

In a press release announcing the roll-out of the new firmware, Gigabyte said it has improved the verification process for files downloaded from remote servers, thereby ensuring “the integrity and legitimacy of the contents, thwarting any attempts by attackers to insert malicious code.” The company has also enabled standard cryptographic verification of remote server certificates to ensure that files are “exclusively downloaded from servers with valid and trusted certificates” for an added layer of protection.

To bring you up to speed with what happened over the past week, cybersecurity research firm Eclypsium recently detailed a vulnerability in Gigabyte motherboards with both Intel and AMD chipsets. Overall, as many as 271 models from the past several years are said to be affected, including many of the latest products with the Z790 and X670 chipsets. According to the report, the security vulnerability could potentially enable hackers to silently install malware on these systems under certain conditions.

As per the report, millions of Gigabyte motherboards sold over the past several years have a firmware backdoor that the company intentionally introduced to make it easier to automatically update the firmware on these systems. However, the backdoor was unsecured: it could download unauthenticated code, potentially leaving these systems open to man-in-the-middle attacks by malicious actors. Now that a patch has been rolled out to fix the vulnerability, make sure to download and install the latest firmware for your model as soon as possible.