Taiwanese hardware giant Gigabyte has issued a patch for a security flaw that allowed threat actors to push malware through the device’s firmware. In total, more than 270 motherboard models were affected by the flaw. 

Less than a week ago, cybersecurity researchers from Eclypsium reported finding a flaw in how the motherboards handled firmware updates. The devices had a hidden mechanism that quietly runs an updater program that connects to a remote server, and downloads and runs software. 

The updater was said to have been implemented insecurely, potentially allowing threat actors to hijack it and have it download and install malware. As this would put the malware in the motherboard’s firmware, it would persist even after the hard drive was replaced. 

Enhanced protection

Soon after the news broke, Gigabyte released a fix, addressing firmware updates for Intel 400/500/600/700 and AMD 400/500/600 series motherboards.

“To fortify system security, GIGABYTE has implemented stricter security checks during the operating system boot process. These measures are designed to detect and prevent any possible malicious activities, providing users with enhanced protection,” the company said in an announcement.

This enhanced protection includes signature verification and privilege access limitations. That means that the files being downloaded through the updater will be checked for integrity and legitimacy, making it more difficult to abuse the tool to drop malware. Furthermore, the updater now features standard cryptographic verification of remote server certificates, guaranteeing the files are only downloaded from pre-approved servers. 

Even though the risk of the flaw being abused to drop malware is relatively small, Gigabyte still advises all of its users to apply the latest firmware as soon as possible. Those who would rather remove the company’s auto-update feature should turn off the “APP Center Download & Install Configuration” setting in the BIOS, and then uninstall the software in Windows, BleepingComputer writes.

Via: BleepingComputer

Go to Source

Follow us on FacebookTwitter and InstagramWe are growing. Join our 6,000+ followers and us.

At TechRookies.com will strive to help turn Tech Rookies into Pros!

Want more articles click Here!

Deals on Homepage!

M1 Finance is a highly recommended brokerage start investing today here!

WeBull. LIMITED TIME OFFER: Get 3 free stocks valued up to $6300 by opening & funding a #Webull brokerage account! “>Get started >Thanks for visiting!

Subscribe to our newsletters. Here! On the homepage

Tech Rookies Music Here!

Disclaimer: I get commissions for purchases made through links in this post at no charge to you and thanks for supporting Tech Rookies.

Disclosure: Links contain affiliates. When you buy through one of our links we will receive a commission. This is at no cost to you. Thank you for supporting Teachrookies.com

Disclaimer: This article is for information purposes and should not be considered professional investment advice. It contains some forward-looking statements that should not be taken as indicators of future performance. Every investor has a different risk profile and goals. All investments have risks. Always do your own research or hire an expert before investing and trading.