Gigabyte Motherboards Were Sold With a Firmware Backdoor

[SpacemanSpiff]

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

Millions of PC Motherboards Were Sold With a Firmware Backdoor

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

www.wired.com

 

[samplenhold]

So I guess if you have a Gigabyte motherboard, then disconnect from the internet before you boot.

 

[Jim I.]

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

Millions of PC Motherboards Were Sold With a Firmware Backdoor

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

www.wired.com

I built a new PC about a year ago and installed a new Gigabyte Z690 Aorus Elite motherboard, which appears to be on the list. I have used a lot of Gigabyte motherboards in the past with previous builds and have never had any issues. Hopefully Gigabyte addresses this issue ASAP!

 

[fenderman]

have never had any issues

There would be no way to know though unless you were specifically looking for it.....

 

[Jim I.]

There would be no way to know though unless you were specifically looking for it.....

Looks like I have some homework to do!

 

[fenderman]

Looks like I have some homework to do!

I dont think you have to really worry. As I understand it from the article the attacker would have to apply some sort of man in the middle attack by way of access to your network or somehow gaining control of gigabytes servers when you machine is checking for updates....its just a general cautionary tale of the way gigabyte went about installing this "service" in the firmware.

 

[Jim I.]

I dont think you have to really worry. As I understand it from the article the attacker would have to apply some sort of man in the middle attack by way of access to your network or somehow gaining control of gigabytes servers when you machine is checking for updates....its just a general cautionary tale of the way gigabyte went about installing this "service" in the firmware.

Gigabyte has been one of the leading motherboard manufacturers for a long time. This could tarnish their reputation a bit if they don't address it with a firmware update or something. I used an Asus motherboard for my recent Blue Iris build, the Gigabyte board is for my main PC. Hopefully Asus doesn't have a similar issue!

 

[fenderman]

Gigabyte has been one of the leading motherboard manufacturers for a long time. This could tarnish their reputation a bit if they don't address it with a firmware update or something. I used an Asus motherboard for my recent Blue Iris build, the Gigabyte board is for my main PC. Hopefully Asus doesn't have a similar issue!

I'm surprised they have not addressed it on their website.

 

[jrbeddow]

I'm surprised they have not addressed it on their website.

There will likely need to be a very carefully worded (tip-toe/dance) explanation posted after consulting with both legal and marketing departments (and most likely other interests as well). That might take a few days.

 

[SpacemanSpiff]

I've built plenty of machines with gigabyte mobo's as well as others. Always been happy with their product(s). As much as this recent news is a surprise... it is not. They weren't the first manufacturer to experience this, will most likely not be the last either. When the 'ol BIOS evolved to UEFI, there were many reports that spoke to the risks UEFI could carry. It wasn't a matter of "IF", but "WHEN" we'd see it happen.

I found the eclypsium article that has a bit more technobabble on their findings. There is also a link to the list of affected models at the very end of the article