GIGABYTE Fortifies System Security with Latest BIOS Updates and Enhanced Verification

[GFreeman]

GIGABYTE Technology, one of the leading global manufacturers of motherboards, graphics cards, and hardware solutions, has always prioritized cybersecurity and information security. GIGABYTE remains committed to fostering close collaboration with relevant units and implementing robust security measures to safeguard its users. GIGABYTE engineers have already mitigated potential risks and uploaded the Intel 700/600 and AMD 500/400 series Beta BIOS to the official website after conducting thorough testing and validation of the new BIOS on GIGABYTE motherboards.

To fortify system security, GIGABYTE has implemented stricter security checks during the operating system boot process. These measures are designed to detect and prevent any possible malicious activities, providing users with enhanced protection:

• 1. Signature Verification: GIGABYTE has bolstered the validation process for files downloaded from remote servers. This enhanced verification ensures the integrity and legitimacy of the contents, thwarting any attempts by attackers to insert malicious code.
• 2. Privilege Access Limitations: GIGABYTE has enabled standard cryptographic verification of remote server certificates. This guarantees that files are exclusively downloaded from servers with valid and trusted certificates, ensuring an added layer of protection.

BIOS updates for the Intel 500/400 and AMD 600 series chipset motherboards will also be released on the GIGABYTE official website later today, along with updates for previously released motherboards. GIGABYTE recommends that users regularly visit the official GIGABYTE website for future BIOS updates.



View at TechPowerUp Main Site | Source

 

[ZoneDymo]

GIGABYTE Technology, has always prioritized cybersecurity and information security.

What they dont prioritize is the physical safety of your PC, that can blow up / burn down for all they care, but hey, at least your data wont fall in the wrong hands...or in anyone's hands for that matter, right?

 

[zmeul]

just remove the bloody thing from the BIOS
also ASUS, MSI and whomever else has it

 

[katzi]

just remove the bloody thing from the BIOS
also ASUS, MSI and whomever else has it

Asus does this, MSI hasn't to my knowledge (My last MSI board was a B550 Unify)

 

[Leiesoldat]

This is Gigabyte trying to mitigate the fallout from their atrocious lack of security and backdoors in the UEFI BIOS of 250+ motherboard models that was revealed in the last couple of days: https://arstechnica.com/security/20...herboards-were-sold-with-a-firmware-backdoor/.

 

[mechtech]

This is Gigabyte trying to mitigate the fallout from their atrocious lack of security and backdoors in the UEFI BIOS of 250+ motherboard models that was revealed in the last couple of days: https://arstechnica.com/security/20...herboards-were-sold-with-a-firmware-backdoor/.

When the cat’s away the mouse will play.

 

[P4-630]

To fortify system security, GIGABYTE has implemented stricter security checks during the operating system boot process. These measures are designed to detect and prevent any possible malicious activities, providing users with enhanced protection:

• 1. Signature Verification: GIGABYTE has bolstered the validation process for files downloaded from remote servers. This enhanced verification ensures the integrity and legitimacy of the contents, thwarting any attempts by attackers to insert malicious code.
• 2. Privilege Access Limitations: GIGABYTE has enabled standard cryptographic verification of remote server certificates. This guarantees that files are exclusively downloaded from servers with valid and trusted certificates, ensuring an added layer of protection.

Now if they only thought about actually doing that 10 years ago....

 

[Tomorrow]

Ironic that my X570 board does not have this "feature" present in older B450 and newer AM5/Z790 boards.
X570S refresh is affected tho.

 

[BatRastard]

What's weird is this news broke just days after a few users in the MSI Gaming subreddit reported that a new option in their BIOS automatically downloads and executes a full screen version of MSI Center after logging into Windows and it starts executing BIOS updates and driver updates with no clear way to stop or close the app. This behavior is basically a rootkit designed to brick boards so they can sell replacements. Wash. Rinse. Repeat. It boggles the mind that a sysadmin would let this insanity escape the asylum.

 

[MarsM4N]

BIOS backdoor fixed, for 271 models of Gigabyte motherboards! NSA staff not going to be very amused.

Tbh. automated BIOS updates are just a dumb idea. Not only for safety reasons, but also for system reliability. It's just better to wait a week before updating. A popup update notice would be way better.

 

[trparky]

The bad part is, according to the SMU checker, all new BIOS versions have AMD AGESA 1.0.0.7A as part of it. According to a lot of users, 1.0.0.7A is not even close to being stable yet. So much so that I think the letter "A" in the version stands for Alpha, as in that it's an Alpha version and not even Beta.

I don't have any of the Gigabyte software installed on my system and it's going to stay that way.

 

[BatRastard]

There's been reports that AGESA 120A for some MSI AM4 boards are corrupting the full screen logo at boot to the point that it's either garbled or missing completely.

 

[Chaitanya]

Still wont be buying GB boards unless they fix these as well:

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.

www.securityweek.com

 

[Minus Infinity]

Yeah my old X370 wasn't affected. Pay's to be trailing edge sometimes.

 

[chrcoluk]

Not sure why they obsessed with keeping this rubbish in the bios, the people who want the software will seek it out and download it, the ones who dont, dont force it on them.

They could gain PR by admitting they got it wrong and saying they taking a security stance now of removing the functionality.

 

[R-T-B]

Still wont be buying GB boards unless they fix these as well:

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.

www.securityweek.com

That's literally what this fixes. And to all you paranoids out there, this was a potential vulnerability that hadn't even been exploited yet, and would be pretty difficult to exploit for that matter (it's a case of "do you trust your dns server?"). Not a "backdoor."

 

[tpa-pr]

Well, I have turned the feature off and the beta BIOS with the fix is out for my board. I'll be waiting for the non-beta BIOS but I guess I have to give Gigabyte credit for fixing it so quickly? Ideally they wouldn't have included the feature in the first place but I'll take whatever win I can get.

 

[Tropick]

Wow, my B550 AORUS Elite V2 narrowly escaped this crap solely on the virtue of it being the 1.0 revision. Looks like rev 1.2 and up are all affected as they include the stupid feature.

GIGABYTE Technology, has always prioritized cybersecurity and information security.

What they dont prioritize is the physical safety of your PC, that can blow up / burn down for all they care, but hey, at least your data wont fall in the wrong hands...or in anyone's hands for that matter, right?

Can't leak the keys if your TPM chip is melted

 

[zlobby]

Mid of 2023 and some vendors start imlementing basic blob validation...

 

[Dragokar]

I also would love to get a AGESA 1.2.0.A for my X570S and B550 Aorus Pro somehow someday dear Gigabyte