Yet another motherboard maker seems to be in trouble or rather, the people who own those motherboards might be. According to security researchers, countless Gigabyte cards may be vulnerable to dangerous cyber attacks.
If you want to be more secure, there are a couple of things you can do to protect your PC. Here’s what we know.
According to a report released by security firm Eclypsium, many Gigabyte motherboards are at risk. Eclypsium has published a complete list of models affected by the vulnerability, and that list alone includes over 270 different entries. This means that if you own a Gigabyte card, chances are you are affected as well. Both AMD and Intel platforms could be compromised.
To give you a quick summary of what’s going on, Eclypsium found a vulnerability in the firmware of those Gigabyte motherboards. Gigabytes’ software automatically updates the firmware without any further prompts and, as such, opens the door to potential attacks.
The list of risks is huge, but individual users are less at risk than organizations running multiple computers equipped with Gigabyte cards. This is because the attacker would have to use your own network to divert update software to download a malicious payload instead of a new firmware update. However, this could be dangerous and terribly difficult to get rid of. To make matters worse, of the three possible download locations for Gigabytes firmware, one of them just uses a simple HTTP address rather than HTTPS, further decreasing the security of the download process.
While this is a rather sophisticated and situational hack, if a threat actor or group of hackers manages to pull off the attack, the consequences could be dire. Let’s go through them quickly.
For one thing, hackers could exploit vulnerable software built into a computer’s firmware to present itself as a legitimate feature. From there, they could gain full access to the affected PC and network. Rootkits and UEFI implants, which are a type of malware, are also a big threat because they run before the system even boots. Therefore, not even reinstalling the operating system and cleaning the drives would be enough to get rid of them.
Perhaps worst of all, the firmware download happens during system boot, so you probably wouldn’t be the wiser until it’s too late. Eclypsium goes into a lot of detail in its report on what the dangers of this vulnerability are, so be sure to read it here if you’re interested.
How to protect yourself
Gigabyte is working with Eclypsium to fix this issue. The company released an official statement, saying that its engineers have already addressed the potential risks in the latest BIOS beta release. This means that owners of Intel 700/600 or AMD 500/400 motherboards can go ahead and download the update and be safe, but using a beta version of the BIOS comes with some risks. It’s not clear if its use will affect the card’s warranty at this point.
Fortunately, Eclypsium has also provided a couple of fixes that may help you until Gigabyte clears everything up. You will need to enter the BIOS first. This is most commonly done by repeatedly tapping the F2 or Del key as your PC starts up, but if that doesn’t work, check out our guide on using the BIOS to see if there are any other keys you may need to mash here.
Once you are in the options screen, go to Download and install the App Centerfunctionality and disable it. This turns off automatic updates. We also recommend setting a BIOS password to add an extra layer of security.
Motherboards, in general, have had their share of problems lately. While Gigabyte is battling this issue, Asus is also caught in the crossfire following a huge AMD Ryzen 7000 controversy. Instead of a cybersecurity threat, users with Asus cards have found their PCs in danger of burning out.
Editor’s Recommendations
#Gigabyte #motherboard #risk #Digital #Trends