Gigabyte, a Taiwanese computer components manufacturer, has announced BIOS updates to address a recently discovered backdoor feature in hundreds of its motherboards. The issue, brought to light by security firm Eclypsium, involved the firmware of over 270 Gigabyte motherboards containing a Windows binary executed at boot-up to fetch and execute a payload from Gigabyte’s servers. Although the backdoor does not appear to have been exploited maliciously, similar tools have been abused in previous attacks. Gigabyte promptly released BIOS updates following the disclosure, stating that potential risks had been mitigated and that stricter security checks during system boot had been implemented to prevent the insertion of malicious code and ensure trusted file downloads. Organizations and users with affected motherboard models are advised to review the list provided by Eclypsium and download the relevant BIOS updates from Gigabyte’s support website.
Read more: https://www.securityweek.com/gigabyte-rolls-out-bios-updates-to-remove-backdoor-from-motherboards/